Technical Manager (Digital Forensics & Incident Response)

About The Position

Requirements

• Active Top Secret with SCI eligibility
• Bachelor's or Master's degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Data Science, or Software Engineering
• 12 years of experience, including supervisory or management experience
• One of the following active certifications required: GIAC Certified Forensic Analyst (GCFA) or GIAC Certified Incident Handler (GCIH) or equivalent certification
• Minimum 7 years of hands-on experience in Digital Forensics and Incident Response (DFIR), with at least 5 years focused on network intrusion analysis, malware forensics, and memory analysis
• Minimum 3 years of experience within the last 5 years in a leadership or supervisory role, responsible for leading intrusion investigations, managing incident responders, and briefing technical findings to leadership
• Demonstrated experience within the last 3 years analyzing advanced persistent threat (APT) activity and correlating findings from multiple data sources (e.g., host forensics, network logs, and threat intelligence)

Responsibilities

• Serve as the lead for all Digital Forensics and Incident Response (DFIR) activities.
• Provide direct management and technical oversight of all activities performed by intrusion analysis and incident response personnel.
• Lead intrusion investigations.
• Manage incident responders.
• Brief technical findings to leadership.
• Ensure all tasks are accomplished in accordance with requirements.
• Act as the primary technical point of contact for the Government regarding all intrusion analysis and incident response tasks.
• Proactively alert the Government to potential technical, programmatic, or resource limitation issues.

Benefits

• Overtime
• Shift differential
• Discretionary bonus