About the role:
SentinelOne's Vigilance DFIR team conducts digital forensic investigations and threat hunting operations for global clients. Our team provides multiple levels of proactive and reactive services to our clients, including incident readiness assessments, table-top exercises, purple-team activities, full-breach investigation, malware analysis, and hunting operations. The selected candidate will be an experienced investigator and endpoint-based hunter with superior technical and customer service skills.
What are we looking for?
SentinelOne's DFIR team conducts digital forensics investigations, incident response, and breach readiness engagements for global clients. Our team provides comprehensive proactive and reactive services, including incident readiness assessments, tabletop exercises, purple-team activities, full-breach investigations, malware analysis, and threat-hunting operations. This role will support the reactive DFIR services, managing the overall success of cyber incident investigations. In this role, you will work with our global team of DFIR analysts and serve as the point of contact with customers throughout the entirety of an investigation. The ideal candidate will be an experienced leader with technical expertise and exceptional client management skills.
What will you do?
- Lead business development activities, including scoping, requirements gathering, and contract development
- Collaborate with account teams and internal and external legal counsel to ensure service agreements and statements of work are in place
- Handle high-stakes client interactions involving legal counsel or executive stakeholders
- Oversee active DFIR investigations, ensuring exceptional quality and timeliness of deliverables
- Establish and maintain clear communication channels with all stakeholders
- Manage DFIR investigation objectives, timelines, and resource allocation
- Coordinate cross-functional teams, including internal resources and external vendors
- Handle escalations and resolve technical or operational challenges
- Ensure proper evidence handling and documentation throughout investigations
- Maintain oversight of case documentation and artifact archival
- Ensure adherence to standard operating procedures and best practices
- Lead post-engagement reviews and process improvement initiatives
- Conduct technical analysis, including endpoint forensics, log analysis, and threat-hunting, when required
- Maintain flexibility with schedule and participate in weekend and holiday on-call schedule
- Adopt and follow our core values amongst the team:
  - Trust: We earn our clients' trust via technical expertise and a customer-first mindset.
  - Accountability: Every team member contributes to our group success via diligently fulfilling their assigned duties.
  - Collaboration: The DFIR team works closely with our threat intelligence, research, MDR, and product teams to ensure the success of every investigation.
  - Relentlessness: We will leave no stone unturned to provide outstanding service and fulfill our clients' needs.
  - Ingenuity: If no tool or process exists to enable our investigations and hunts, then we will create one. There is always a way to improve existing methodologies.
  - Community: The DFIR team supports each other as we grow and improve ourselves and our service.
What skills and knowledge should you bring?
- 5 years of hands-on consulting experience in digital forensics and incident response
- Proven track record of managing complex incident response engagements
- Expert-level experience with industry-standard forensic tools and methodologies
- Strong understanding of and experience with EDR/XDR platforms and security technologies
- Experience conducting malware analysis and memory forensics preferred
- Demonstrated experience in endpoint-based threat-hunting and compromise assessments
- Experience working with cyber threat intelligence platforms and processes
- Excellence in client communication and relationship management
- Experience working with legal teams and insurance carriers
- Strong project management and team leadership skills
- Industry certifications (GCFE, GCFA, CFCE, EnCE, or similar) preferred
- Active participation in the security community through speaking engagements or publications preferred
- Evident self-starter with intellectual curiosity and the ability to adapt to change
Why us?
You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry.
- Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA
- Unlimited PTO
- Industry-leading gender-neutral parental leave
- Paid Company Holidays
- Paid Sick Time
- Employee stock purchase program
- Disability and life insurance
- Employee assistance program
- Gym membership reimbursement
- Cell phone reimbursement
- Numerous company-sponsored events, including regular happy hours and team building events
Required Experience:
Manager