BW Cyber Services’ Digital Forensics Incident Response (DFIR) team is seeking a subject matter expert with in-depth understanding of existing and emerging threat actors. It DFIR specialist should have extensive experience identifying rapidly changing tools, tactics, and procedures (TTPs) of attackers.

Candidates must be able to see the big picture, understanding evolving attacker behavior and motivations, participate and manage large client-facing projects, and help to train/mentor other security consultants. The successful candidate will possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines.

Key Responsibilities

• Conduct digital forensics on hosts, networks, and cloud applications including log analysis and malware triage in support of incident response investigations

• Utilize common industry technologies to conduct investigations and examine endpoint, network, and cloud-based sources of evidence

• Recognize and codify attacker TTPs in indicators of compromise (IOCs) that can be applied to current and future investigations

• Build scripts, tools, or methodologies to enhance internal investigation processes

• Develop and present comprehensive and accurate reports, trainings, and presentations for both technical and executive audiences

• Work with clients’ security and IT operations teams to implement remediation plans in response to incidents

• Create and/or update clients’ Incident Response Plans ensuring appropriate phases of IR are considered for client’s specific risk profile


• Bachelor’s degree in a technical field with minimum of 4 years of comparable experience

• Possess at least one computer forensics/examination related certifications (e.g., CCE, EnCe, CFCE, GCFA/GCFE, or CSFA)

• Experience with:

o Windows disk and memory forensics

o Network Security Monitoring (NSM), network traffic analysis, and log analysis

o Unix or Linux disk and memory forensics

o Static and dynamic malware analysis

• Thorough understanding of enterprise security controls in legacy Active Directory and cloudbased environments (i.e., Azure, AWS, GCP, etc.)

• Experience building scripts, tools, or methodologies to enhance investigation processes

Additional Qualifications

• Ability to travel up to 10%

• Effectively communicating investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients

• Effectively develop documentation and explain technical details in a concise, understandable manner

• Strong time management skills to balance time among multiple tasks, and lead junior staff when required

• US-Citizens able to obtain clearance if needed for task requirements

Find a link to the job description here.


About BW Cyber Services:

BW Cyber Services is a Veteran Owned/Veteran Friendly industry-leading cyber security consultancy providing targeted solutions to highly regulated industries. As an industry leader, our blue chip consultants understand the unique nexus between cybersecurity, operational risk, and regulatory compliance. As depicted below, BW Cyber Services offers a full spectrum of security services that include testing, assessments, compliance, education, policy, forensic and virtual Chief Information Officer outsourcing. BW Cyber Services provides extremely competitive compensation packages along with exceptional benefits (medical, 401k, vacation, etc.). We seek self-starters who are willing to learn quickly, work hard, and provide solid leadership by example. For additional information, please see our website at, follow us on or contact us at

How To Apply

Other Jobs from BW Cyber Services

BW Cyber Services

Penetration Tester/Red Team Leader

Full Time

BW Cyber Services

Cyber Cloud Security Architect

Full Time

Help us improve SACC by providing feedback about this job: Report an issue