Incident Response Careers with Palo Alto Networks Unit 42
Q&A With Kensuke Brian Sasaki, Principal Consultant, Palo Alto Networks Unit 42
Find out what it's like to join our growing global team [scroll down for Japanese]!
Q1. What services does Unit 42 provide?
“Our daily mission is to protect the digital world from cyberattacks.
We wake up every day focused on collecting and analyzing the most up-to-date threat intelligence and applying our analysis to respond to cyberattacks.
We make sure that your worst days aren’t as bad as they might have been without us.”
We can categorize our services into three groups: Cyber Risk Management Services, Managed Services, Incident Response Services.
Cyber Risk Management Services involve activities such as assessing an organization's cybersecurity posture proactively to identify vulnerabilities and recommend preventive measures to strengthen security defenses before potential threats are exploited. These services focus on strategic planning, risk management, and continuous improvement to help organizations anticipate and mitigate future cybersecurity risks effectively.
Managed Services include our Managed Detection & Response (MDR) service and our Managed Threat Hunting (MTH) service. Unit 42 helps to monitor, detect, and respond to security incidents on behalf of the organization, offering round-the-clock protection and expertise to enhance overall security posture and reduce operational burden.
Incident Response Services involve providing rapid and effective support to organizations facing cybersecurity incidents, including investigation, containment, eradication, and recovery to minimize damage and restore normal operations swiftly. This service aims to identify the root cause of incidents, contain the impact, and implement proactive measures to prevent future occurrences, enhancing overall cyber resilience.
Q2. What is the role of a Principal Consultant at Palo Alto Networks?
As a Principal Consultant on the Incident Response Services team, my involvement starts when I get on a call with a client facing a cybersecurity incident. The first thing we do is scope the incident by determining which assets we should focus on for our investigation. The initial scope is just a starting point and we always adjust our investigation scope depending on our investigation findings. We then analyze forensics artifacts and other data sources such as firewall logs or email logs to determine what happened and we also propose containment and eradication actions. We make sure the reaction measures are effective and do follow-up monitoring, threat hunting, and further forensics analysis. Once we determine the response measures are adequate, we provide a formal report of our findings so the client can understand what the threat actor did and the impact the attack had on their environment or data. We also provide recommendations for remediations of security gaps we have identified during the investigation and follow-on actions the client can do to further enhance their security posture.
Q3. What was the reason for your career change, and why did you choose Palo Alto Networks?
I was offered the opportunity to join Unit 42 as the first consultant in Japan. This was exciting to me because it meant I would be able to help build the team and directly support our expansion in Japan and the greater JAPAC region. Working with teams outside of Japan has been a strength of mine and the large global footprint of PANW was also very impressive.
Q4. What is the work environment and team culture like after joining Palo Alto Networks?
The work environment has been great. Being the one and only Unit 42 member is a bit of a challenge at times because there are so many sales teams and only one of me. However, everyone is very supportive of maintaining a healthy work-life balance. Also, the JAPAC Unit 42 team who supports me is always top notch and might be one of the most talented teams I’ve worked with. And finally, having the global Unit 42 team available to support cases 24x7 is again great to maintain a healthy work-life balance.
Q5. What kind of person do you think fits well at Unit 42?