Director, DFIR

Job Description: • Build and cultivate strong client relationships based on trust, open communication, and collaborative problem-solving. • Work closely with the Chief Delivery Officer, the broader Engagement Lead team, and the Forensic Consulting team to lead and oversee active client-facing incident response engagements, to guide clients through the entire incident response lifecycle from detection to recovery. • Conduct scoping calls with clients to define the incident scope, objectives, and expectations of each engagement, providing regular client updates. • Work closely with the Project Management team, other Engagement Leads and the Forensic Consulting team to ensure effective coordination of resources and expertise on client matters. • Provide well-informed solutions that go beyond immediate client challenges to achieve long-term security goals. • Communicate complex cybersecurity concepts both internally and externally and produce clear and concise verbal and written reports detailing incident findings, and analysis. • Invest in career development and provide mentorship to a team size ranging from 3-5 Forensic professionals and/or members of the Principal Engagement Lead team. • Openly share knowledge and information with team members cultivating a culture of continuous learning, and staying up to date on industry trends, emerging threats, and best practices. • Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices. • Partner with Product and Marketing to contribute to Surefire Cyber content and attend various industry conferences or events as needed. • Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage. Requirements: • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, or relevant professional work experience in these disciplines. • Former professional experience in leading and managing active cybersecurity engagements, including incident response, digital forensics investigations, and interaction with clients, legal counsel, and cyber insurers. • Former professional experience in providing mentorship and career development, leading teams ranging in size from 3-5 members. • Experience in conducting security investigations in Linux and Windows environments. • Understanding of cloud platforms and security considerations within AWS (Amazon Web Services), Azure, and GCP (Google Cloud Platform). • Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Tool Kit), Volatility, or Open-Source tools. • Proficiency in conducting forensic analysis, threat assessments, and post incident reviews. • Eagerness to learn from team, grow your knowledge, and teach your colleagues. • Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage. Benefits: • Competitive compensation plan and total rewards package for team members • Remote workforce • Generous paid time off plan and floating holidays • Paid parental leave • Employer paid premiums for both team members and their dependents for medical, dental, and vision • Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits. • Professional development and career advancement opportunities • We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.