Dfir Jobs (NOW HIRING)

Description

Why choose FRSecure? We believe information security is fun. We focus on equipping our clients, communities, and employees with knowledge to better protect themselves against risk. Our first core value, we tell the truth, sets a foundation for meaningful relationships and employee growth, ultimately providing the highest quality work in the industry. We are consistently awarded for outstanding service, industry-leading methodology, organizational growth, and a reputable culture. Our benefits are something to talk about as well. We offer a flexible and rewarding work environment, medical, dental and vision insurance, HSA/FSA/DCA accounts, life and disability insurance, 401(k) with employer match up to 4%, employee assistance program (EAP), unlimited paid time off, paid parental leave, education/growth assistance, pet insurance, and more.

We are experts on a mission to fix the broken information security industry. We believe that behind every data compromise are people, and everyone deserves to have their data and livelihood protected. We take great pride in what we do and how we do it, and we truly believe we can accomplish our mission. It starts with hiring the right people to help us get there. If this resonates with you, apply now to join our dedicated team!

Position Summary: The Incident Response (DFIR) Case Manager is responsible for providing support to clients when they have become or suspect they may be the victim of a cyber-attack. This is done by conducting high quality and timely incident response investigations in environments of varying security maturity including identification and containment phases and advising clients regarding recovery and remediation steps to assist them in returning to normal business operations. Our Incident Response Case Managers have a blend of proactive project responsibilities, such as leading tabletops and plan coaching, as well as triage and case work.

Working Location: This position is available on a full-time remote basis in the following states: Arizona, Colorado, Florida, Georgia, Idaho, Illinois, Kansas, Kentucky, Massachusetts, Michigan, Minnesota, Montana, North Carolina, Ohio, Pennsylvania, South Dakota, Tennessee, Texas, Washington, and Wisconsin. Only candidates located in the United States will be considered. Office headquarters and operational business hours are based in Edina, MN (Central Time).

Application Deadline: June 5, 2026 

What Your Day Looks Like as an Incident Response (DFIR) Case Manager:

• Performing a forensic review of client systems for artifacts and indicators of compromise (IOCs) to further identify, contain, and eradicate malware and/or malicious intruders
• Conducting triage, threat-hunting, and case management for incident response clients
• Documenting detailed evidence, findings, and create a report output
• Meeting with clients during the planning, information sharing, and technical support stages
• Creating and delivering proactive projects to clients including tabletop exercises, plan coaching, assessments
• Conducting regular calls with clients to consult on incident response programs
• Continue education by researching and investigating developments in cyber forensics/attack methodologies; increase existing skillset to handle these matters
• Attending and participating in regular internal meetings
• Participating in on-call rotation, providing timely and effective support to clients, ensuring adherence to service level agreements (SLAs) and resolving issues within established response and resolution times
• Performing periodic after-hours and weekends on-call work

Working Hours: Standard working hours for this position are between 8:00am-5:00pm in the time zone in which the employee is based, with the expectation that there may be client calls, project/task responsibilities, meetings, or other company obligations in which the employee will need to work outside of these hours, as standard business hours are 8:00am-5:00pm Central Time.

This position also includes on-call responsibilities. On-call duty will be 1 week in duration with the on-call assignment being dependent upon the number of Case Managers on the team. During the on-call rotation, the employee will be required to monitor an email inbox for incoming CSIRT requests as well as answer incoming calls to the CSIRT after-hours hotline and perform incident triage duties.

Travel: There is minimal travel associated with this position, typically less than 5-10%. Occasional travel includes conferences or on-site client projects as needed, as well as any team or company activities.

Requirements

What You Bring to the Incident Response (DFIR) Case Manager role:

• 3-5 years of information security experience
• 3-5 years of experience with Active Directory, Systems Administration, Exchange Administration, M365 and/or other cloud environments
• 3-5 years of experience in presenting information security concepts
• GCIH, GCFA, ECIH certifications preferred
• Prior experience in threat hunting and/or incident handling
• Prior experience in management of EDR and/or SIEM technologies
• Experience with firewalls and network devices best practices and logging
• Solid understanding of computer systems administration in large environments
• Demonstrated analytical skills to interpret data, identify trends, and ensure accuracy in all deliverables
• Ability to clearly convey complex information to diverse audiences and actively listen to understand needs and provide effective solutions
• Proven customer service skills with a customer-focused mindset, including the ability to build relationships, resolve issues effectively, and deliver a positive, responsive client experience
• Ability to communicate highly technical topics to non-technical people effectively
• Ability to handle and work with large amounts of data
• Proficient with all Microsoft Office Suite products

Salary: FRSecure believes in and operates with equitable hiring practices. The starting salary range is $85,000-116,000, not including any bonus, incentive commission, or benefits. The range displayed on each job posting reflects the defined starting salary range for the position across the United States. Within the range, pay offered is determined by a variety of factors that include but are not limited to job-related skills, experience, and relevant education or training.

Commission eligible: No

FLSA Status: Exempt

Your Recruiter will be able to discuss further details related to commission, bonuses, or other specific salary information related to this position.

Former and Current Employees: To qualify for this position, former employees must be eligible for rehire, and current employees must be in good standing.

Employment and Application Statements

FRSecure, LLC is committed to the principles of equal employment. We comply with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations. It is our intent to maintain a work environment that is free of harassment, discrimination, or retaliation because of race, color, creed, religion, national origin, sex, sexual orientation (including transgender status, gender identity or expression), pregnancy (including childbirth, lactation, or related conditions), marital status, disability, public assistance, age, and familial status, genetic information, local commissions activity, veteran status, uniformed servicemember status, or any other status protected by federal, state, or local laws.

FRSecure is dedicated to the fulfillment of this policy in regard to all aspects of employment, including but not limited to recruiting, hiring, placement, transfer, training, promotion, rates of pay, and other compensation, termination, and all other terms, conditions, and privileges of employment.

FRSecure is committed to the full inclusion of all qualified individuals. As part of this commitment, FRSecure will ensure that persons with disabilities are provided reasonable accommodations for the hiring process. If a reasonable accommodation is needed to complete a job application, interview, or otherwise participate in the hiring process, please contact the Human Resources team at hr@frsecure.com.