DFIR Manager Jobs (NOW HIRING)

CSIRT Analyst

Buffalo, NY · On-site

$111K - $125K/yr

Overview Do you have a passion for Cyber Security, especially advanced Managed Detection & Response ... You conduct DFIR assignments, including DFIR readiness assessments * You participate in the weekly ...

We are seeking a highly skilled and motivated Managing Consultant to join our Digital Forensics and Incident Response (DFIR) team. This role is ideal for an experienced analyst ready to take on ...

Do you have a passion for Cyber Security, especially advanced Managed Detection & Response (MDR ... You conduct DFIR assignments, including DFIR readiness assessments * You participate in the weekly ...

... SOC, DFIR and SecDevOps * You conduct regular service reviews, reporting and ... NDR) and managed services * Strong communication skills, customer focus and ...

Manager, Forensic Technology

Boston, MA · On-site

$103K - $206K/yr

Manage and advise clients through the execution of end-to-end dead-box forensic investigations ... Experience utilizing industry-standard command-line DFIR tools and techniques * Experience with ...

DFIR Manager information

What is a DFIR Manager?

A DFIR Manager is a cybersecurity professional responsible for leading Digital Forensics and Incident Response (DFIR) teams. They oversee investigations into security incidents, manage response efforts, and ensure that digital evidence is collected and preserved correctly. DFIR Managers also develop and implement incident response plans, coordinate communication between stakeholders, and provide guidance to technical staff to minimize the impact of cyber threats. Their role is crucial in helping organizations recover from security breaches and in preventing future incidents.

What are the key skills and qualifications needed to thrive as a DFIR (Digital Forensics and Incident Response) Manager, and why are they important?

To thrive as a DFIR Manager, you need a solid background in cybersecurity, digital forensics, and incident response, often supported by a degree in computer science or related fields and industry certifications like GCFA or CISSP. Familiarity with forensic analysis tools (e.g., EnCase, FTK), SIEM systems, and threat intelligence platforms is crucial. Strong leadership, communication, and problem-solving skills help you coordinate teams and effectively manage crisis situations. These skills are vital for leading complex investigations, ensuring rapid and accurate incident response, and protecting organizational assets from cyber threats.

What is the difference between a DFIR Manager and a Cybersecurity Analyst?

| Aspect | DFIR Manager | Cybersecurity Analyst |
| --- | --- | --- |
| Required Credentials | Certifications like GIAC, CISSP, or CISA; experience in digital forensics and incident response | Certifications such as CompTIA Security+, CISSP, or GIAC; focus on security monitoring and analysis |
| Work Environment | Incident response teams, forensic labs, corporate security departments | Security operations centers, threat analysis teams, IT departments |
| Employer & Industry Usage | Used in cybersecurity firms, law enforcement, large corporations | Common across industries with IT infrastructure, government agencies, private sector |

The DFIR Manager primarily oversees digital forensics and incident response processes, focusing on investigating cyber incidents. In contrast, a Cybersecurity Analyst monitors security systems, analyzes threats, and supports prevention efforts. While both roles require cybersecurity certifications and work in security-focused environments, their core responsibilities differ: one manages forensic investigations, the other focuses on threat detection and prevention.

How does a DFIR Manager typically coordinate incident response efforts with other departments during a cybersecurity event?

A DFIR Manager plays a crucial role in orchestrating incident response by collaborating closely with IT, legal, compliance, and executive teams. During a cybersecurity event, they facilitate communication between technical responders and stakeholders, ensuring everyone is informed of the incident's status and required actions. The manager assigns roles, oversees evidence collection, and ensures that response steps align with company policies and regulatory requirements. This cross-functional coordination is essential for timely containment, mitigation, and post-incident review.

More about DFIR Manager jobs

Infographic showing various DFIR Manager job openings in the United States as of June 2026, with employment types broken down into 18% As Needed, 18% Temporary, 55% Contract, and 9% Nights. Highlights a 92% Physical, 2% Hybrid, and 6% Remote job distribution.

CSIRT Analyst

Computer Task Group, Inc

Buffalo, NY • On-site

$111K - $125K/yr

Full-time

Posted 18 days ago


Job description

Overview

Do you have a passion for Cyber Security, especially advanced Managed Detection & Response (MDR)? Does Incident Response, Digital Forensics, Threat Hunting, Threat Intelligence and everything related to Cyber Security feel like second nature to you? Are you a Cyber Defender at heart, driven to strengthen the blue team and help organizations that are under attack? If you answered yes to all of these questions, you might be the perfect fit for our CSIRT Analyst role!

  • You handle security alerts/incidents that have been escalated by the SOC Analysts (Tier 2)
  • You will handle security alerts and incidents together with your team
  • You conduct DFIR assignments, including DFIR readiness assessments
  • You participate in the weekly Threat Hunting duty to proactively chase threats through novel Tools, Techniques & Procedures (TTPs)
  • You will perform compromise assessments to identify potential compromises and their scope
  • You collect Threat Intelligence (IOCs and TTPs)
  • You will contribute to Detection Engineering in SIEM, xDR.
  • Together with the Red Team you will do Purple Teaming exercises to test and improve defenses
  • You contribute to the creation of playbooks in SOAR
  • You will co-write processes and procedures related to DFIR, Threat Intelligence, Threat Hunting.
  • You will be part of our Incident Response on call service.

What you need to succeed:

  • At least 3-5 years of experience in a similar position.
  • Significant hands-on experience in disk, memory and log acquisition in a forensically sound manner, parsing and deep forensic analysis of extracted artifacts and professional post-incident report writing
  • A bachelor's or master's degree, or equivalent through experience.
  • A hands-on and proactive mindset with a 'can do' mentality.
  • Experience and/or interest in working with the following MDR tools: EDR (CrowdStrike Falcon, MS Defender for Endpoint, Sentinel One, ...), NDR (Vectra, Darktrace, ...), xDR (CrowdStrike Identity Protection, MS Defender for Office/Clouds Apps/Identity/...).
  • Knowledge of Security Monitoring with SIEM technologies.
  • A passion for the following security capabilities: Security Monitoring, Digital Forensics, Incident Response, Threat Intelligence, Threat Hunting.

About Computer Task Group

Sourced by ZipRecruiter

We know that achieving our mission begins and ends with our people, and by people we mean you. Regardless of individual roles or responsibilities, regardless of industry or subject matter expertise, our lives happen in relation to other people: our colleagues, clients, and partners. CTG cultivates a workplace that attracts and develops the best people. Being Great Place to Work-Certified™ not only supports our Vision but also validates the rewarding workplace culture that has made CTG a leading IT and digital solutions and services company for more than 55 years.

Company size

1,001 - 5,000 Employees

Headquarters location

Buffalo, NY, US

Year founded

1966