Senior Incident Response Consultant

This role joins Spear Tip, the cybersecurity consulting segment within Zurich Resilience Solutions. Blending cutting-edge technologies, unique skill sets, and proven cyber counterintelligence strategies, Spear Tip partners with our clients to protect shareholder value, shield corporate reputations, and enhance long-term profits. We are driven to protect our clients from theorde of threat actors and become the gold standard in detecting zero‐day vulnerabilities.

In this role you work virtually within the U.S. and extend up to 20% travel.

• Lead incident response engagements for external clients, conducting digital forensics investigations, malware analysis, and threat actor attribution to identify scope, impact, and root cause of security incidents.
• Provide 24/7 on‑call emergency response services, rapidly deploying to client sites or remotely connecting to contain active threats, preserve evidence, and minimize business disruption.
• Conduct comprehensive forensic examinations of compromised systems, networks, and cloud environments using industry‑standard tools and methodologies to support client remediation and potential legal proceedings.
• Deliver executive‑level briefings and written reports to clients, translating complex technical findings into business impact assessments and actionable recommendations.
• Coordinate with client stakeholders including IT teams, legal counsel, insurance carriers, law enforcement, and executive leadership to manage incident response activities and communication strategies.
• Provide expert guidance on ransomware negotiations, business email compromise investigations, insider threat cases, and advanced persistent threat incidents.
• Develop and deliver incident response retainer services, conducting proactive readiness assessments, tabletop exercises, and security program evaluations for client organizations.
• Mentor junior consultants and analysts, providing technical guidance and quality assurance on client deliverables.
• Maintain detailed case documentation, time tracking, and engagement status reporting to ensure accurate billing and project management.
• Partner with insurance brokers, managed service providers, and law firms to provide incident response services as part of cyber insurance claims and breach response protocols.
• Stay current on emerging threats, attack techniques, and forensic methodologies through continuous research and professional development.
• Contribute to thought leadership initiatives including blog posts, conference presentations, and client education materials.
• Business Travel, as required (may be extensive during active incidents) as well as extended hours during Active Incidents/24x7 On‑call Rotation, flexible scheduling to accommodate client emergencies and time‑sensitive investigations, as required.

• Develop scopes of work and cost estimates for incident response engagements, ensuring projects are appropriately resourced and profitably delivered.
• Identify opportunities for expanded client engagements based on investigation findings, security gaps, and client needs.
• Support business development activities including client presentations, capability demonstrations, and proposal development for new and existing clients.
• Ensure all client deliverables meet quality standards and are delivered within agreed timelines and budgets.

• Bachelors degree and 5 or more years experience in the Information Technology area
  OR
• Zurich Cybersecurity Technician Apprentice, including Cyber Security Certification and 6 or more years experience in the Information Technology area
  OR
• High School Diploma or Equivalent and 7 or more years experience in the Information Technology area
  AND
• MS Office experience
  AND
• Knowledge of Cyber Security Operations

• Threat Intelligence & Malware Analysis - Proficiency Level Intermediate
• Client Communication & Stakeholder Management - Proficiency Level Advanced
• Network Forensics & Log Analysis - Proficiency Level Intermediate
• Cloud Security (Azure/AWS/M365) - Proficiency Level Intermediate
• Ransomware & BEC Investigations -…