Digital Forensics & Incident Response Manager
RSM US LLP
full-time
Posted on:
Location Type: Office
Location: Chicago • Illinois • Ohio • United States
Visit company websiteExplore more
Salary
💰 $107,000 - $214,500 per year
Tech Stack
About the role
- Serve as incident commander during high-severity events, particularly ransomware and enterprise-scale breaches
- Oversee multiple concurrent engagements, ensuring quality, consistency, and appropriate resource allocation
- Define investigative strategy and escalation thresholds for complex incidents
- Align technical response with legal, regulatory, insurance, and executive considerations
- Review and approve investigative findings, containment validation, and executive reporting
- Act as senior advisor to client executives, legal counsel, and cyber insurers
- Provide guidance to Supervisors on advanced investigative decisions and complex threat actor scenarios
- Maintain executive-level communication cadence during incidents
- Support development of standardized methodologies, playbooks, and quality controls across the practice
- Mentor Supervisors and Consultants in both technical depth and client leadership
- Participate in on-call rotation and provide oversight during critical incidents
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience
- Proven experience leading enterprise-scale ransomware and breach investigations
- Deep understanding of threat actor operations and ransomware tradecraft
- Strong hands-on familiarity with EDR platforms, SIEM technologies, and forensic toolsets
- Demonstrated ability to manage multiple high-pressure engagements simultaneously
- Experience coordinating with legal counsel, cyber insurance carriers, and executive leadership
- Strong executive presence and crisis communication ability
- Experience mentoring and developing DFIR leaders
- Certifications such as GCFA, GCIH, CISSP, OSCP, or equivalent preferred
Benefits
- flexibility in your schedule
- empowering you to balance life’s demands
- total rewards including competitive benefits and compensation package
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
ransomware investigationsbreach investigationsthreat actor operationsransomware tradecraftEDR platformsSIEM technologiesforensic toolsetsincident commandinvestigative strategyescalation thresholds
Soft Skills
executive presencecrisis communicationmentoringleadershipresource allocationquality controlclient communicationguidanceoversightdecision making
Certifications
GCFAGCIHCISSPOSCP