Director, Digital Forensics & Incident Response
The Americas, USA
$185,000 base


Department: Professional Services, Digital Forensics & Incident Response, Washington, Virginia

Reports To: Managing Director




Incident Response Investigations


·        Lead Client engagement efforts from initial scoping calls to report delivery, including developing Statements of Work (SOW), defining budgets and collaborating with clients to provide regular status updates

·        Investigate network intrusions, malware, ransomware, and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis and lead investigative teams

·        Counsel Clients in distress and provide guidance around containment and remediation measures across all major operating systems and network device platforms

·        Produce high quality oral and written work product presenting complex technical issues clearly and concisely

·        Oversee staffing for Client matters to ensure they are managed adequately and efficiently and that case deadlines are met, and budgets are maintained

·        Liaise with external stakeholders, including counsel, vendors, and law enforcement agencies.




·        Actively support the mentorship and technical development of junior DFIR personnel

·        Supervise other DFIR staff, including coordinating teams of experts, assuring outstanding work product, and assisting with annual performance management, development, and mentorship of cybersecurity direct reports

·        Seek opportunities to broaden expertise of DFIR personnel through in-house and outside training

·        Ensure the smooth functioning of the forensic laboratory under your direct supervision (if applicable); foster teamwork, information sharing, and inter-team collaboration and consistency


Practice Management


·        Collaborate with marketing and other stakeholders on collateral and thought leadership content

·        Participation in technical meetings and working groups to address issues related to malware security, vulnerabilities, and issues of cybersecurity and preparedness

·        Conduct/lead team meetings to proactively address process improvement and development.




·        10+ years of incident response or digital forensics experience

·        Strong work ethic and even stronger analytic, quantitative, and creative problem-solving abilities

·        Outstanding Client service skills and a high level of professionalism

·        Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to Client matters and needs

·        Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.)

·        Proficiency with industry-standard forensic toolsets, including Carbon Black, EnCase, Axiom/IEF, and FTK

·        Experience with conducting log analysis of various types of logs, including Windows Event Logs, Apache, IIS, and firewall logs

·        Clarity in written and oral communication

·        Commitment to learning and teaching others in a collaborative environment of talented high performers

·        Comfortable with entirely remote work environment, attending meetings and scoping calls with short notice, and instances of evening and weekend on-call hours


Education &Training


·        Bachelor’s Degree in Cyber Security, Digital Forensics or another related field strongly desired

·        Desired Certifications: CCE, EnCE, CFCE, ACE, CISSP, GCIA, GCFE, GCFA, GREM, and GNFA


Interested?  Apply below.




why not introduce
hi, . how can we
help you?
perfect, can we get your email
to reply to your message?