Gritter Francona is looking for a Cyber Defense Forensics Lead to support a potential project with the Department of Homeland Security. The Forensics Lead will manage and direct the forensics and insider threat operations supporting U.S. Customs and Border Protection (CBP). The Lead will direct a team of expert analysts responsible for conducting digital forensic investigations, monitoring for data loss, and analyzing insider threat activities. The role requires deep technical expertise in forensic tools and methodologies, a solid understanding of incident response, and the ability to lead complex investigations from start to finish.
Key responsibilities include:
- Lead the CDF team in supporting insider threat operations, monitoring Data Loss Prevention (DLP) solutions, and investigating policy violations.
- Direct enterprise and endpoint digital forensic analysis on Windows, Linux, Mac, and cloud systems in support of investigations.
- Oversee the maintenance of the CBP SOC's forensics lab and provide recommendations for modernizing its capabilities.
- Manage the lifecycle of CDF investigations, ensuring findings are documented in formal investigation reports and cases are properly escalated to law enforcement entities when necessary.
- Serve as the team's Subject Matter Expert (SME) in evidence preservation, chain of custody, and malware analysis.
Requirements
- A minimum of seven (7) years of professional experience with a solid understanding of incident response, insider threat investigations, and forensics.
- A minimum of five (5) years of hands-on experience, including recent experience with host-based and network-based security monitoring, forensic tools, SIEM platforms, and endpoint threat detection.
- Experience collecting data, reporting results, and handling the escalation of security issues.
- Proven ability to create insider threat focused dashboards, reports and workflow diagrams.
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Short Term & Long Term Disability
- Training & Development
Skills Required
- A minimum of seven (7) years of professional experience with incident response, insider threat investigations, and forensics
- A minimum of five (5) years of hands-on experience with security monitoring, forensic tools, SIEM platforms, and endpoint threat detection
- Experience collecting data, reporting results, and handling escalation of security issues
- Proven ability to create insider threat focused dashboards, reports and workflow diagrams
What We Do
Gritter Francona is a Service Disabled Veteran Owned Small Business (SDVOSB) providing specialized Business and IT Solutions to the government.
