FREE ACCESS
5,000–10,000 jobs/day

See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Digital Forensics Lead – Incident Response
RSI SecurityDigital Forensics & Incident Response Lead managing high-stakes engagements such as data breaches and ransomware response. Delivering expert forensic reporting and strategic guidance to secure client infrastructures.
Tech Stack
Tools & technologiesPythonTypeScript
About the role
Key responsibilities & impact- Execute the end-to-end forensic process—collection, examination, analysis, and reporting—ensuring technical rigor and evidentiary integrity.
- Oversee the identification and acquisition of digital evidence from diverse sources while maintaining a strictly documented chain of custody and forensic soundness.
- Correlate observed behaviors against the MITRE ATT&CK® framework to pinpoint defensive gaps, validate existing controls, and enhance detection engineering.
- Architect containment strategies that balance operational continuity with the need to isolate threats and preserve volatile evidence during active incidents.
- Provide advanced analytical response and advisory services during high-severity security events, subject to the Consultant's availability and a mutually agreed-upon task order.
Requirements
What you’ll need- Minimum of 7–10 years of demonstrable experience in digital forensics, incident response, network traffic analysis, and malware triage as an independent consultant or agency.
- Must hold active, advanced security and forensic certifications (e.g., GCFA, GCIH, GNFA, CISSP, or equivalent).
- Public Trust eligibility is required; Active Secret clearance is highly preferred, with the ability to obtain a Top Secret (TS/SCI) clearance if dictated by specific engagement task orders.
- The Consultant (and any personnel deployed by the Consultant) must successfully pass a comprehensive multi-jurisdictional background check prior to accessing sensitive RSI Security or client infrastructure.
- Mastery of NIST SP 800-86 guidelines, enterprise network architecture, memory forensics, and advanced automation (Python, PowerShell, Bash).
Benefits
Comp & perks- Proactive Communication: Translate complex attack narratives into clear, actionable reporting for both technical and non-technical audiences.
- Data Security & Privacy: Maintain rigorous operational security (OPSEC) over all client data, utilizing encrypted channels and immediately relinquishing access and data upon project completion.
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Digital Evidence AcquisitionMalware TriageMemory ForensicsAutomation (Python, PowerShell, Bash)Containment Strategies
Soft Skills
Analytical ThinkingAdvisory Services
Certifications
GCFAGCIHGNFACISSP