DFIR Engagement Manager
SentinelOne
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $128,800 - $150,000 per year
Job Level
Mid-LevelSenior
About the role
- Lead business development activities including scoping, requirements gathering, and contract development
- Collaborate with account teams and internal and external legal counsel to ensure service agreements and statements of work are in place
- Handle high-stakes client interactions involving legal counsel or executive stakeholders
- Oversee active DFIR investigations, ensuring exceptional quality and timeliness of deliverables
- Establish and maintain clear communication channels with all stakeholders
- Manage DFIR investigation objectives, timelines, resource allocation
- Coordinate cross-functional teams including internal resources and external vendors
- Handle escalations and resolve technical or operational challenges
- Ensure proper evidence handling and documentation throughout investigations
- Maintain oversight of case documentation and artifact archival
- Ensure adherence to standard operating procedures and best practices
- Lead post-engagement reviews and process improvement initiatives
- Conduct technical analysis including endpoint forensics, log analysis, and threat-hunting when required
- Maintain flexibility with schedule and participate in weekend and holiday on-call schedule.
Requirements
- 5+ years of hands-on consulting experience in digital forensics and incident response
- Proven track record of managing complex incident response engagements
- Expert-level experience with industry-standard forensic tools and methodologies
- Strong understanding of and experience with EDR/XDR platforms and security technologies
- Experience conducting malware analysis and memory forensics preferred
- Demonstrated experience in endpoint-based threat-hunting and compromise assessments
- Experience working with cyber threat intelligence platforms and processes
- Excellence in client communication and relationship management
- Experience working with legal teams and insurance carriers
- Strong project management and team leadership skills
- Industry certifications (GCFE, GCFA, CFCE, EnCE, or similar) preferred
- Active participation in the security community through speaking engagements or publications preferred
- Evident self-starter with intellectual curiosity and the ability to adapt to change.
Benefits
- Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
- Unlimited PTO
- Industry leading gender-neutral parental leave
- Paid Company Holidays
- Paid Sick Time
- Employee stock purchase program
- Disability and life insurance
- Employee assistance program
- Gym membership reimbursement
- Cell phone reimbursement
- Numerous company-sponsored events including regular happy hours and team building events
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
digital forensicsincident responseendpoint forensicslog analysisthreat-huntingmalware analysismemory forensicsEDR platformsXDR platformscyber threat intelligence
Soft skills
client communicationrelationship managementproject managementteam leadershipproblem-solvingflexibilityadaptabilityself-starterintellectual curiositystakeholder communication
Certifications
GCFEGCFACFCEEnCE