Forensic Team Lead Jobs

Ready to further your career in the fast-paced, exciting world of cyber security?

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.

Our mission is simple: End Cyber Risk. We’re looking for a Forensic Team Lead to be part of making this happen.

About The Role

A highly technical member of Arctic Wolf’s data breach, incident response, and cybersecurity risk management teams. The primary responsibility of this role is to lead a team of 3-4 forensics analysts to complete in-depth analyses for incident response engagements. The Forensics Team Lead will independently contribute to investigations while also directly managing a forensic team that can vary in size up to ten team members. The Forensics Team lead will monitor team utilization and evenly distribute work from multiple engagements across the team. The Forensics Team Lead also participates on scoping and client update calls if the Director of the engagement needs more in-depth technical explanations and updates.

As a Forensic Team Lead, You Will

• Preserve and analyze data from electronic data sources and systems including laptop and desktop computers, servers, mobile devices, and cloud services (Azure, AWS, etc.)
• Provide immediate analysis for digital forensics, incident response, and litigation
• Manage workload distribution and team member utilization as new incident response engagements commence
• Work closely with Incident Response, Cyber Defense Operations, and Cyber Risk Management teams and have an inherent understanding of Tetra’s value proposition
• Process collected data and conduct data acquisitions through advanced forensic analysis
• Collaborate with other service area Team Leads to standardize processes and procedures as needed
• Contribute on incident response engagements and communicate with corresponding case leads to support clients through the data breach investigation process
• Compose content for client reports and presentations, and review/approve contributions made by other team members on the case
• Establish team standards for quality through producing exceptional oral and written work products, present complex technical matters clearly and concisely
• Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity
• Provide pertinent updates on incident response engagements to case leads to guide clients through forensics investigations, contain security incidents, and provide advisory services on longer-term remediation recommendations
• Perform digital forensics functions including but not limited to host-based analysis through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
• Provide mentorship to direct reports and team members and take a keen interest in their professional growth and development within DFIR

Your Experience Could Look Like

• Experienced with IR and forensics tools, such as, Magnet Axiom, EnCase, FTK, X-
• Certifications: CISSP, GIAC, GCFE, GCIH, EnCE, or similar training and certification
• Prior experience with EDR, MDR, and/or any SIEM tools
• Prior people management experience in leading forensic professionals, of up to ten in team size
• Prior consulting and professional services experience
• Bachelors Degree in Information Secruity, Computer Science, Digital Forensics, Cyber Security or related professional experience
• Ways, SIFT, Splunk, Redline, Volatility, Wireshark, tcpdump, and open-source forensic
• Proficient with in-depth host-based forensics and data breach response methods
• Advanced hands-on professional expertise with digital forensics and incident response
• Knowledge of current sophisticated attack vectors and trends in cybersecurity

About Arctic Wolf

At Arctic Wolf we’re cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We’ve been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)—and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).

Our Values

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good.

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.

All Wolves Receive Compelling Compensation And Benefits Packages, Including

• Bonus or commission pay based on role
• Flexible time off, paid volunteer days and paid parental leave
• Health Savings and Flexible Spending Agreement
• Medical, Dental, and Vision insurance
• Equity for all employees
• Training and career development programs
• Voluntary Legal Insurance
• 401k match

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing [email protected].

Security Requirements

• Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
• Background checks are required for this position.

Come join the Pack during this exciting time of rapid growth where every employee makes a difference and their contributions are recognized and rewarded.