Lead and oversee complex, high‑profile cyber incident response and investigation engagements, guiding clients through preparation, response, and recovery
Direct and participate in hands‑on investigative work during critical or high‑impact incidents, including ransomware investigations
Manage multiple concurrent incident response projects across a diverse client base, spanning various industries, technologies, and geographies
Act as the primary point of contact for clients, building trusted‑advisor relationships and ensuring high‑quality, consistent service delivery
Oversee technical investigations to ensure thorough analysis of large‑scale cyber incidents and data breaches
Design and facilitate both technical and executive workshops covering incident response, network security, vulnerability management, and related topics
Provide strategic guidance on incident containment, remediation, and recovery using best‑practice frameworks such as NIST and SANS
Lead and support the execution of tabletop simulation exercises for technical teams and executive stakeholders
Oversee the creation of high‑quality deliverables, including detailed investigation reports, executive briefings, and remediation recommendations
Ability to work evenings and weekends

Requirements

5+ years of experience in digital forensics and incident response, or a closely related field
2+ years in a leadership or managerial role
Experience managing incident response engagements:
Ransomware, data breaches, business email compromise, network intrusions, cloud incidents
Ability to investigate and respond to ransomware attacks, including familiarity with ransomware TTPs, negotiation processes, and decryption/recovery strategies
Experience with industry-standard digital forensic tools:
Magnet Axiom, Encase, XWays, FTK, Velociraptor, etc
Experience with EDR tools:
CrowdStrike Falcon, Carbon Black EDR, Microsoft Defender for Endpoint, etc
Familiarity with security monitoring solutions:
Splunk, Microsoft Sentinel, Elastic/ELK, etc
Understanding of SOC operations, operating systems, file systems, cloud platforms (Azure, AWS, GCP), and enterprise IT infrastructure
Experience leading and mentoring teams in high-pressure, dynamic environments
Strong ability to communicate complex technical concepts to both technical and non-technical stakeholders, including executive leadership
Demonstrated client management and relationship-building skills
Excellent time management and organizational abilities**

Benefits

Great people and culture
RSP Plan
Career growth – Permanent staff positions, paid training, career life planning, and relocation and travel opportunities
Interesting work – Be part of exciting projects while accessing all the latest technologies

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

digital forensicsincident responseransomware investigationsdata breachesnetwork intrusionscloud incidentsinvestigation reportsremediation recommendationsvulnerability managementtabletop simulation exercises

Soft Skills

leadershipclient managementrelationship-buildingcommunicationtime managementorganizational abilitiesmentoringstrategic guidancetrusted-advisor relationshipsability to work under pressure

Certifications

NISTSANS