Senior Director of Digital Forensics & Incident Response

Otis Elevator Co.Farmington, CT
$198,000 - $250,000Onsite

About The Position

The Senior Director of Digital Forensics & Incident Response (DFIR), reporting to the VP of Global Cyber Defense, is a strategic and operational leader responsible for building, scaling, and leading a global capability to detect, respond to, and investigate cyber incidents across the enterprise. This leader will oversee a 24x7x365 Global Security Operations Center (GSOC), lead enterprise-wide incident response efforts, and drive forensic investigations supporting Legal, HR, Compliance, Privacy, and executive stakeholders, while ensuring alignment with regulatory, legal, and risk management requirements.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field
  • 15+ years of progressive experience in cybersecurity within a large, global enterprise environment
  • Proven experience building and leading a GSOC and incident response program
  • Deep expertise in: Incident Response (IR) & Cyber Crisis Management, Digital Forensics & Investigations, DLP & Insider Risk, and eDiscovery processes and technologies
  • Experience managing and governing MSSPs
  • Strong track record defining and managing SLAs, KPIs, and KRIs
  • Strong hands-on or leadership familiarity with: Microsoft 365 / Microsoft Security ecosystem (Defender, Purview, Sentinel), EDR/XDR platforms (e.g., CrowdStrike, Microsoft Defender, etc.), Digital forensics tools and methodologies, Cloud security (especially SaaS and hybrid environments), SASE / Zero Trust architectures
  • Exceptional leadership, team-building, and mentoring capabilities
  • Executive-level communication skills with the ability to translate technical issues into business risk
  • Strong decision-making under pressure, particularly during live cyber incidents
  • Ability to influence cross-functional stakeholders including Legal, Compliance, Privacy, and IT
  • Applicants must have authorization to work in the U.S. now and in the future without sponsorship.

Nice To Haves

  • Relevant certifications strongly preferred: CISSP, CISM, or equivalent, GIAC (e.g., GCFA, GCIH) or forensic certifications, eDiscovery or legal/forensic certifications a plus

Responsibilities

  • Lead and operate a 24x7x365 GSOC serving enterprise IT and OT environments.
  • Define and execute the GSOC strategy, including partnering with detection engineering, automation, threat-intelligence integration, and continuous maturity improvement.
  • Establish and monitor Service Level Agreements (SLAs), Key Performance Indicators (KPIs), Key Risk Indicators (KRIs), and operational metrics to ensure effective threat detection and response.
  • Drive continuous improvement of advanced technologies (SIEM, SOAR, UEBA, XDR) to enhance visibility and reduce response times.
  • Lead the global Digital Forensics and Incident Response (DFIR) program across a large, distributed enterprise environment.
  • Define and execute a multi-year roadmap for incident response, digital forensics, cyber investigations, and insider risk capabilities.
  • Build, mentor, and retain high-performing global teams across DFIR, DLP, and eDiscovery functions.
  • Act as a senior advisor to executive leadership during major cyber incidents and crisis situations.
  • Oversee the end-to-end incident response lifecycle including preparation, detection, analysis, containment, eradication, and recovery.
  • Lead and continuously improve the GSOC.
  • Establish and test cyber incident response playbooks, tabletop exercises, and crisis simulations.
  • Drive threat-driven and intelligence-led response capabilities.
  • Lead advanced digital forensic investigations involving endpoints, cloud, identity systems, and network environments.
  • Ensure forensic readiness, evidence preservation, and chain-of-custody standards are maintained.
  • Partner with Legal, HR, and Compliance on internal investigations, litigation support, and eDiscovery efforts.
  • Oversee enterprise Data Loss Prevention (DLP) and insider risk programs, including policy design, monitoring, and enforcement.
  • Leverage platforms such as Microsoft Purview and M365 security capabilities to protect sensitive data.
  • Align DLP and insider risk initiatives with regulatory requirements and business objectives.
  • Manage strategic relationships with Managed Security Service Providers (MSSPs) and digital forensics vendors.
  • Establish and monitor SLAs, KPIs, and KRIs.
  • Ensure vendors meet performance, quality, and compliance expectations.
  • Drive adoption and optimization of security technologies, including: Microsoft 365 Security & Compliance (Purview, Defender), Digital forensics tooling (e.g., EnCase, FTK, X-Ways, etc.), Endpoint Detection & Response (EDR/XDR), DLP solutions, SASE and modern network security architecture.
  • Continuously evaluate emerging technologies to enhance detection, response, and investigative capabilities.

Benefits

  • 401(k) plan with a generous company match and an automatic retirement contribution
  • Comprehensive medical, prescription drug, dental, and vision coverage
  • Three weeks of paid vacation
  • Paid company holidays
  • Paid sick leave
  • Employee assistance and wellness incentive programs
  • Life insurance and disability coverage
  • Voluntary benefits, including options for legal, pet, home, and auto insurance
  • Generous birth/adoption and parental leave benefits
  • Adoption assistance
  • Tuition reimbursement program
  • Service anniversaries recognition
  • Spot performance bonus opportunities
  • Annual bonus targeted at 25%
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service