Job Details

Director, Digital Forensics and Incident Response (CONSULTANCY)

Washington, DC, United States
  • Employment Type: Direct Hire

Our client is seeking a Director of Incident Response & Forensics to work in their Washington, D.C. location! The Director will help drive results for clients by delivering innovative and effective solutions supporting risk and reactive cybersecurity services, including breach, IR, and forensic investigation. This role will manage local teams of experts and requires significant hands-on technical experience. You must be able and willing to image a hard drive on day one! The Director will report to the Vice President or Managing Director in the unit to scope, coordinate, oversee, and perform numerous collections and investigations.

Desired qualifications: GCFE, GCIH, CCE, EnCE or equivalent digital forensics / incident response certification; deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.); proficiency with industry-standard forensic toolsets, including X-Ways, EnCase, Axiom/IEF, Cellebrite, and FTK; proficiency with database querying and analysis; experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure; and experience conducting log analysis of Windows Event Logs, Apache, IIS, and firewall logs.

This role could require some travel. Send resumes to [email protected]

Job Responsibilities:

  • Performs the most complex forensic analyses handled by the firm
  • Investigates network intrusions and other cybersecurity incidents to determine the cause and extent of the breach; includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms
  • Provides expert testimony in trials, depositions, and other proceedings
  • Supervises other Digital Forensics and Incident Response staff, including coordinating teams of experts, assuring stellar work product, and assisting with performance reviews and mentorship of cybersecurity experts
  • Demonstrates self-sufficiency in leading digital forensic casework
  • Ensures that client matters are staffed adequately and efficiently and that deadlines are met
  • Produces high quality oral and written work product presenting complex technical matters clearly and concisely
  • Forms and articulates expert opinions based on analysis
  • Drafts and conducts peer review of expert reports, affidavits, and other expert testimony
  • Maintains proficiency with industry standard tools and practices and seeks opportunities to enhance depth and areas of proficiency
  • Collaborates with Marketing on collateral and thought leadership content
  • Seeks opportunities to broaden expertise of the digital forensic examiners and staff through in-house and outside training
  • Ensures the smooth functioning of the forensic laboratory under direct supervision; fosters teamwork, information sharing, and inter-office collaboration and consistency

Required Expertise:

  • GCFE, GCIH, CCE, EnCE or equivalent digital forensics / incident response certification
  • Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.)
  • Proficiency with industry-standard forensic toolsets, including X-Ways, EnCase, Axiom/IEF, Cellebrite, and FTK
  • Proficiency with database querying and analysis
  • Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure
  • Experience with conducting log analysis of Windows Event Logs, Apache, IIS, and firewall logs
  • Demonstrated ability to perform as an expert witness
  • Strong work ethic
  • Even stronger analytic, quantitative, and creative problem-solving abilities
  • Outstanding client service skills
  • Clarity in written and oral communication
  • Confidence, humility, openness, kindness, and a commitment to learning and teaching others

Preferred Experience:

  • Ability to serve as a technical, hands-on lead for major investigations
  • Strong work ethic and motivation, with a demonstrated history of ability to lead a team and develop talent
  • Interest in building intellectual capital for the firm by writing blogs, submitting to CFPs, and creating internal tools for analysis
  • Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs
  • Strong verbal and written communication skills
  • Must be able to work collaboratively across agencies and physical locations
  • Participation in technical meetings and working groups to address issues related to malware security, vulnerabilities, and issues of cybersecurity and preparedness
  • High level of professionalism in all areas of performance
  • Continually developing DFIR skill set and proficiency with industry-standard tools and practices through outside training and research
  • Comfort with intermittent periods of significant travel, evening and weekend hours
  • Confidence, humility, openness, kindness, and a commitment to learning and teaching others

Education:

  • Bachelor’s degree required
  • Sustained excellence in digital forensics, incident response, or applicable technical field

CLIENT offers a competitive total rewards package, continuing education and training, and tremendous potential with a growing worldwide organization.
 
