Who We Are
If you feel like Incident Response and Recovery hasn’t changed in the past 10 years, you’re not alone. Business operations aren’t just on endpoints anymore. It’s behind applications in Okta tiles, auto-scaling workloads, code repos, and sprawling data stores across one or many public clouds. At MOXFIVE, we’re focused on eradicating adversaries across our client’s entire digital footprint, and that demands a faster, nimbler approach to DFIR.
We’re looking to expand our IR Consulting Team with individuals driven to protect clients, eliminate threat actors, and build the next era of digital forensics and incident response for the modern enterprise.
Who You Are
You know that $I30 isn’t referring to your local interstate, and that the easiest way to get on your bad side is to be handed a timestamp that isn’t in UTC. You’ve got a “Tools” folder sitting on your workstation somewhere with your favorite forensic scripts at the ready to tear into the next piece of suspicious activity you see. And speaking of suspicious activity, you’ve honed a keen sense for knowing the difference between legitimate users and threat actor activity because you’ve seen them in action.
Hundreds of times.
Windows environment investigations feel like the back of your hand at this point, and you’ve been starting to expand your knowledge on cloud-native forensics. Account takeovers are the new malware after all, and investigating the latest threats across Azure, GCP, AWS, and SaaS Apps is the growing frontier you’ve been looking to sink your teeth into.
Client conversations don’t scare you. You understand what it looks like to support a client team that’s going through their worst professional days with confidence and empathy.
You’re insatiably curious, addicted to threat intel, and a builder at heart. Ultimately, you’re looking for the right opportunity that uses your technical chops to find and eliminate meaningful adversaries while putting your stamp on a better approach to traditional DFIR consulting.
Why You Matter
You’ll be joining a seasoned team of high performing incident response consultants that are the tip of the spear for all forensic activity at MOXFIVE. From ransomware to nation-state threats, you’ll be supporting and leading meaningful cases across traditional enterprise and cloud-native environments. We’re a startup in the truest sense, and your voice has significant weight in shaping our technology stack, investigative methodology, and service offerings as we continue to scale.
What You'll Bring
Experience responding to threat activity as an IR consultant or SOC analyst
Strong understanding of Windows/Mac/Linux fundamentals, forensic artifacts, and network analysis
Existing knowledge or passion to learn cloud-native investigations across AWS, GCP, and Azure
An unwavering emphasis on investigation at the highest level of quality
Perspective and voice to continue to shape our practice
What is Expected
This position is expected to work a schedule of Wednesday through Sunday, 1PM – 9:30PM Eastern time. It is a fully remote position, we are open to any location in the US, but preferably someone located in the Mountain or Pacific time zone.
Similar Jobs
What you need to know about the Austin Tech Scene
Key Facts About Austin Tech
- Number of Tech Workers: 180,500; 13.7% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Dell, IBM, AMD, Apple, Alphabet
- Key Industries: Artificial intelligence, hardware, cloud computing, software, healthtech
- Funding Landscape: $4.5 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Live Oak Ventures, Austin Ventures, Hinge Capital, Gigafund, KdT Ventures, Next Coast Ventures, Silverton Partners
- Research Centers and Universities: University of Texas, Southwestern University, Texas State University, Center for Complex Quantum Systems, Oden Institute for Computational Engineering and Sciences, Texas Advanced Computing Center
