Director, DFIR (Remote)

Location: Remote, USA

Role: Full time / Exempt

Compensation: $185K-$200K

What Makes You Stand Out

You are an accomplished cybersecurity professional well-versed in digital forensics and incident response (DFIR), and incident management. Your expertise displays your ability to manage challenging and dynamic consulting environments, where you excel in addressing advanced cybersecurity issues. Thriving under pressure, you consistently exhibit professionalism and are adept at performing risk mitigation and making well-informed decisions.

You have hands-on experience in simultaneously managing multiple cybersecurity incidents effectively. Your experience includes coordinating incident response efforts and collaborating with cross-functional teams, as well as external stakeholders including insurance carriers and legal counsel. Demonstrating a commitment to the career development of team members, you have successfully led teams ranging from 3-5 members. You are committed to fostering a collaborative environment, delivering quality based client results, and ensuring a timely resolution while minimizing downtime.

How You'll Make An Impact

Reporting directly to the Chief Delivery Officer, as a Director, Digital Forensics, and Incident Response, you will have career development and people management responsibility of a team ranging from 3-5 members of Forensic professionals. You will lead and oversee complex client-facing incident response engagements, collaborating closely with your team to guide clients through the entire incident response lifecycle from detection to recovery.

Your Role In Action

• Build and cultivate strong client relationships based on trust, open communication, and collaborative problem-solving.
• Work closely with the Chief Delivery Officer, the broader Engagement Lead team, and the Forensic Consulting team to lead and oversee active client-facing incident response engagements, to guide clients through the entire incident response lifecycle from detection to recovery.
• Conduct scoping calls with clients to define the incident scope, objectives, and expectations of each engagement, providing regular client updates.
• Work closely with the Project Management team, other Engagement Leads and the Forensic Consulting team to ensure effective coordination of resources and expertise on client matters.
• Provide well-informed solutions that go beyond immediate client challenges to achieve long-term security goals.
• Communicate complex cybersecurity concepts both internally and externally and produce clear and concise verbal and written reports detailing incident findings, and analysis.
• Invest in career development and provide mentorship to a team size ranging from 3-5 Forensic professionals and/or members of the Principal Engagement Lead team.
• Openly share knowledge and information with team members cultivating a culture of continuous learning, and staying up to date on industry trends, emerging threats, and best practices.
• Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices.
• Partner with Product and Marketing to contribute to Surefire Cyber content and attend various industry conferences or events as needed.
• Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Your Expertise

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, or relevant professional work experience in these disciplines.
• Former professional experience in leading and managing active cybersecurity engagements, including incident response, digital forensics investigations, and interaction with clients, legal counsel, and cyber insurers.
• Former professional experience in providing mentorship and career development, leading teams ranging in size from 3-5 members.
• Experience in conducting security investigations in Linux and Windows environments.
• Understanding of cloud platforms and security considerations within AWS (Amazon Web Services), Azure, and GCP (Google Cloud Platform).
• Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Tool Kit), Volatility, or Open-Source tools.
• Proficiency in conducting forensic analysis, threat assessments, and post incident reviews.
• Eagerness to learn from team, grow your knowledge, and teach your colleagues.
• Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process

• Submit interest and application to on our website
• Preliminary phone interview with the the Talent & People Team (approx., 30 minutes)
• Virtual/Teams interview with Engagement Leads (approx., 60 minutes)
• Virtual/Teams interview with DFIR Consultants (approx., 60 minutes)
• Virtual/Teams interview with Chief Delivery Officer (approx., 45 minutes)
• Mock Scenario Interview (approx., 60 minutes)
• Virtual/Teams interview with CEO (Chief Executive Officer) (approx., 30 minutes)

Please note that we reserve the right to modify the process at any time.

#LI-Remote