RemoteAtlas
Find Jobs
CompaniesBlogPost a Job
RemoteAtlas

Discover curated remote jobs and work from anywhere. Updated daily with roles from top companies worldwide.

13,600+ live remote jobs

Follow us on:

Remote Jobs by Role

  • Remote Engineering Jobs
  • Remote Design Jobs
  • Remote Product Manager Jobs
  • Remote Marketing Jobs
  • Remote Sales Jobs
  • Remote Data Jobs
  • Remote DevOps Jobs
  • Remote Support Jobs
  • Remote Customer Success Jobs
  • Remote Cybersecurity Jobs
  • Remote Mobile Developer Jobs

More Roles

  • Remote QA Jobs
  • Remote HR & People Jobs
  • Remote Finance Jobs
  • Remote Operations Jobs
  • Remote Management Jobs
  • Remote AI & Machine Learning Jobs
  • Remote Writing & Content Jobs
  • Remote Video & Animation Jobs
  • Remote Translation & Localization Jobs
  • Remote IT Support Jobs
  • Remote Community Management Jobs

Remote Jobs by Location

  • Remote Jobs in the US
  • Remote Jobs in Europe
  • International Remote Jobs
  • Remote Jobs in the UK
  • Remote Jobs in the Americas
  • Remote Jobs in EMEA
  • Remote Jobs in APAC
  • Remote Jobs in Canada
  • Remote Jobs in Germany
  • Remote Jobs in India
  • Remote Jobs in Australia
  • Remote Jobs in Singapore
  • Remote Jobs in Brazil
  • Remote Jobs in the Netherlands

Company

  • Browse All Jobs
  • Blog
  • Companies
  • About Us
  • Post a Job
  • Contact Us

Remote Jobs by Skill

  • Remote Python Jobs
  • Remote TypeScript Jobs
  • Remote React Jobs
  • Remote Java Jobs
  • Remote Golang Jobs
  • Remote Ruby Jobs
  • Remote Rust Jobs
  • Remote Kotlin Jobs
  • Remote AWS Jobs
  • Remote Kubernetes Jobs
  • Remote Frontend Jobs
  • Remote Backend Jobs
  • Remote iOS Jobs
  • Remote Android Jobs
© 2026 RemoteAtlas. All rights reserved.
Terms & ConditionsPrivacy Policy
Home/Remote Cybersecurity Jobs/Guidepoint Security/Principal DFIR Consultant - Remote (Anywhere in the U.S.)
Guidepoint Security

Principal DFIR Consultant - Remote (Anywhere in the U.S.)

Guidepoint Security

Remote (US)Full-timePosted about 1 month ago
Security

Summary

Guidepoint Security is hiring a Principal DFIR Consultant - Remote (Anywhere in the U.S.) to join their remote team. GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. Key skills: Python, Go, AWS, Azure, AI.

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

Job Overview

The Principal DFIR Consultant is the highest individual contributor level within GuidePoint Security's DFIR Practice. Operating at the intersection of deep technical expertise, client leadership, and organizational influence, the Principal serves as the practice's foremost technical authority.  This individual is brought in on the most complex, high-severity, and high-visibility engagements. In addition to leading critical investigations, the Principal shapes how the practice operates: developing methodologies, mentoring Senior and Analyst-level staff, contributing to business development, and driving continuous improvement across the team.

Primary Duties & Responsibilities

Technical Leadership & Engagement Execution

  • Oversight & QA: Serve in the Oversight role on complex or high-severity engagements, reviewing findings before client calls, providing technical depth, anticipating client questions, and ensuring quality of analysis and deliverables.
  • Lead on Critical Engagements: Step in as engagement Lead on the most complex or sensitive investigations (ransomware, APT, nation-state, insider threat), setting the standard for client communication and investigative rigor.
  • Advanced Technical Execution: Conduct advanced host forensics, network analysis, malware reverse engineering/triage, cloud forensics, threat actor attribution, and intelligence-driven investigation.
  • Surge Capacity: Serve as a trusted surge resource for the team during high-volume periods, providing senior-level coverage across concurrent engagements.

Practice Development & Mentorship

  • Methodology Ownership: Design, document, and maintain DFIR investigation methodologies, playbooks, and SOPs that raise the quality floor for the entire practice.
  • Mentorship: Actively mentor Senior Consultants and Analysts; provide guidance on technical challenges, client management, and professional development. Help develop the next generation of DFIR leads.
  • Knowledge Sharing: Lead internal training sessions, write technical blog posts and research, document lessons learned, and contribute to the team's collective knowledge base.
  • Tool & Automation Development: Identify gaps in current tooling and processes; design and build automation, scripts, or integrations that improve investigative efficiency across the team.
  • Hiring Support: Participate in candidate screening, technical interviews, and skills assessment to help build a high-quality team pipeline.

Client & Business Development

  • Client Trust: Build deep, trusted relationships with key clients and stakeholders; serve as a credible senior voice during high-stakes incidents.
  • Pre-Sales & Scoping: Support pre-sales activities including technical scoping, proposal development, SOW review, and client presentations for DFIR, Compromise Assessment, and IR Advisory engagements.
  • Industry Presence: Represent GuidePoint Security externally through conference presentations, webinars, publications, and engagement with the broader DFIR community.

Engagement & Availability Expectations

The Principal Consultant operates at the top of the IC ladder and is held to a commensurately high standard for availability, initiative, and ownership. This includes:

  • Maintaining consistent availability outside standard business hours for high-severity incident surges and team escalations.
  • Participating in on-call rotation as appropriate for seniority.
  • Proactively identifying and addressing gaps in team performance, processes, or client delivery.
  • Setting an example of professionalism, urgency, and ownership that the broader team can follow.

Required Qualifications

  • 8+ years of hands-on DFIR experience, including complex incident response and forensic investigations.
  • 10+ combined years of IT and information security experience.
  • Demonstrated experience in a Lead or senior technical role on high-severity engagements (ransomware, APT, nation-state, or insider threat).
  • Expert-level proficiency across multiple DFIR disciplines: host forensics, network forensics, log analysis, malware triage, cloud IR, and BEC investigation.
  • Exceptional written and verbal communication skills; ability to present complex technical findings to executive and legal audiences.
  • Proven track record of mentoring and developing junior and mid-level technical staff.
  • Experience developing or contributing to DFIR methodologies, playbooks, or tooling.
  • Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes.

Preferred Qualifications

  • Prior consulting or professional services experience at a leading DFIR or cybersecurity firm.
  • Advanced proficiency with scripting and tooling: PowerShell, Python, Bash, Go, or similar; experience building custom investigative tools.
  • Deep experience with EDR, NDR, XDR, SIEM, Velociraptor, and commercial/open-source forensic platforms.
  • Cloud incident response expertise: AWS, Microsoft 365, Azure, Google Workspace; familiarity with cloud-native forensic techniques.
  • Experience with threat actor attribution, CTI integration, and intelligence-driven investigation.
  • Familiarity with ransomware negotiation considerations, threat actor communications, and recovery workflows.
  • External thought leadership: conference talks, published research, blog posts, or community contributions.
  • Relevant certifications: GREM, GCFA, GCFE, GDAT, GCIH, GCIA, CISSP, or equivalent; advanced or multiple certifications are a strong plus.

What Success Looks Like

  • You are the person the team calls when an engagement gets complicated.
  • Senior Consultants and Analysts are measurably better at their jobs because of your mentorship and the standards you set.
  • You have meaningfully improved at least one methodology, playbook, or tool used by the practice.
  • Clients and partners recognize GuidePoint's DFIR practice as best-in-class, as a result of your technical and client-facing contributions.
  • You operate with complete ownership and initiative: you identify problems, propose solutions, and execute without being asked.
  • You represent GuidePoint externally in a way that builds the brand and generates trust in the DFIR community.

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application.


Why GuidePoint?

GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.  

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

  • Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
  • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
  • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
  • 12 corporate holidays and a Flexible Time Off (FTO) program
  • Healthy mobile phone and home internet allowance
  • Eligibility for retirement plan after 2 months at open enrollment
  • Pet Benefit Option

 

Want to see the full job details?

Create a free account to view complete descriptions, save jobs, and apply instantly.

Related jobs

Polymarket
Cloud Security Engineer New

Polymarket·Remote New York

Full-time$180K - $250KSoftware DevelopmentSecurity
1d
Fieldguide
Strategic Account PartnerNew

Fieldguide·San Francisco, CA or Remote (USA)

Full-time$200K - $250KSoftware DevelopmentSecurity
1d
Wealthsimple
Senior Technical Specialist, Corporate Security

Wealthsimple·Remote (Canada)

Full-timeCA$89.6K - CA$112KSecurity
1mo
CoreWeave
Senior Threat Intelligence Specialist I, Protective and Geopolitical IntelNew

CoreWeave·Washington D.C.

Full-time$134k - $179kSecurity
21h
More remote cybersecurity jobsMore remote jobs in the US