Digital Forensics and Incident Response Senior Manager

Key Role:

Manage and grow the firm’s Digital Forensics and Incident Response team and business in the United Kingdom, Europe, and the Netherlands through delivery excellence by serving in a leadership role for significant or high-profile incidents impacting our clients. Lead large, client-facing projects while mentoring and training junior team members. Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations while using technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence. Coordinate with client C-Suite, Security, Legal, and IT resources, provide guidance, and oversee response activities in support of the client across various Booz Allen DFIR and client business groups. Enhance the technical capabilities of the DFIR team through development of scripts, tools, or methodologies to improve the incident investigation processes, and ensure that our solutions enable us to gather the information necessary to employ rapid, independent decision making in stressful or fluid situations, including those that impact critical business systems. Build and implement containment and remediation plans with the client’s security and IT operations teams and coordinate with our global team and on-site resources as required to achieve investigation and remediation goals. Lead incident scoping calls with existing and prospective clients and develop statements of work and pricing estimates for the engagement. Develop and present comprehensive and accurate reports, trainings, and presentations for both technical and executive audiences. Help grow our international DFIR team and capability by providing your technical expertise in support of business development team efforts, marketing, or capability discussions with our current or prospective clients. This position is a hybrid role with a combination of working at a Booz Allen office or client site and working remotely.

Basic Qualifications:

  • 10+ years of experience with incident response or digital forensics
  • Experience with most common operating systems, including Windows, macOS, Linux, iOS, or Android and their file systems, including ext3/4, HFS+, APFS, NTFS, or exFAT
  • Experience with conducting log analysis of various types of logs, including Windows Event Logs, Apache, IIS, and firewall logs
  • Experience with industry-standard forensic toolsets, including Carbon Black, EnCase, Axiom/IEF, and FTK
  • Ability to apply analytic, quantitative, and creative problem-solving expertise
  • Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs
  • Bachelor's degree

Additional Qualifications:

  • Ability to provide clarity in written and oral communication
  • Ability to display a commitment to learning and teaching others in a collaborative environment of talented high performers
  • Ability to demonstrate an outstanding work ethic, client service expertise, and a high level of professionalism
  • Bachelor’s Degree in Cybersecurity, Digital Forensics, or another related field preferred
  • CCE, EnCE, CFCE, ACE, CISSP, GCIA, GCFE, GCFA, GREM, and GNFA Certifications preferred

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
