Sr. Security Consultant, DFIR

Security Services United States


Position at Trustwave Government Solutions

About Trustwave 

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can’t and respond quicker than others can to protect against the devastating impacts of cyberattacks. We’re a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best,
make a personal impact on a global scale, and solve new challenges every day. Learn more about us at 

Trustwave Government Solutions is a leading provider of data security and compliance services to the U.S. Federal government. Our team of security experts, ethical hackers and researchers, enables our government partners to transform the way they manage their information security and compliance programs results to ensure each customer receives valuable outcomes at the best value. The agencies we work with benefit from our collaborative, innovative approach to meeting their unique needs. We listen carefully and respond nimbly. Our solutions combine industry best practices with customized technology to ensure quality and integrity.

We are looking for a Digital Forensics and Incident Response (DFIR) Consultant with training experience

 Specific Responsibilities:

  • Conducting Incident Response investigations for a variety of government clients.
  • Updating and assisting with the development of training materials and teaching courses on Network Intrusion methodology and multiple forensics disciplines.
  • Perform tabletop exercises, policy reviews and other proactive services for our clients.
  • Being part of a global team of incident responders, penetration testers, threat hunters and researchers, sharing knowledge and methodologies.

Candidates should be versed in multiple aspects of DFIR such as memory analysis, forensic timelining, hash analysis, and malware identification. The ideal candidate will be a former law enforcement officer or have experience teaching law enforcement.  Consultants must be able to effectively balance workload and work effectively and closely with colleagues within the ever-growing team worldwide. This position is open to remote US-based candidates. TGS SpiderLabs candidates will also have the opportunity to cross train with the penetration testing and threat hunting team if desired.


  • Defined professional experience performing incident response and digital forensics in Windows and mixed environments.
  • Knowledge of security basics in both Linux and Windows environments as it pertains to web application, middleware, database, and identity management platforms.
  • Certifications such as GCIH, GCFE/A or comparable are desirable.
  • Experience teaching or actively proctoring in a classroom environment
  • Ability to maintain Secret clearance required.
  • Active Secret Clearance strongly preferred.
  • Travel 50 percent with potential to surge to 75 percent to support the mission.

A high school diploma or equivalent is required; a college or university degree is a plus.

Per Federal government contracting requirements, candidate must be a US citizen, as well as potentially pass and maintain a National Agency Check with Local Agency and Credit Checks (NACLC).

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.