Consulting Manager, DFIR


Full Time Senior-level / Expert
Kivu Consulting logo
Kivu Consulting
Kivu is a global cyber security consultancy offering pre- and post-breach services, with specialist expertise in digital forensics. Speak to us today.
Apply now Apply later

Job Title:  Consulting Manager, DFIR 

Job Family: Incident Response

Work Location:  Remote within United States

Reports to: Senior Director, IR

Travel:  travel is inherent in this role, but no more than 30%

Business Hours:  Traditional, non-shift, however occasional night or weekend 


  • Manage consulting engagements, with a focus on incident response and forensics. Provide both subject matter expertise and project management experience to serve as the “point person” for client engagements
  • Recommend and document specific counter-measures and mitigating controls
  • Assist with scoping prospective engagements, participating in engagements from kickoff through full remediation, and mentoring less experienced staff
  • Identify, market, and develop new business opportunities
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Utilize Crowdstrike technology to conduct large-scale investigations and examine host and network-based sources of evidence
  • Supervise staff, provide feedback and coaching, and grow their technical and consulting skills
  • Improve Kivu's business processes and incident response methodologies


  • Bachelor’s or Master’s degree in a technical field
  • Minimum 8-10 years of information security experience
  • Minimum 5 years of professional consulting experience in a client facing capacity
  • Minimum 2 years of experience in a leadership capacity (team lead, matrixed team, or direct reports)
  • Technical expertise in at least three of the following areas:
    • Windows disk and memory forensics
    • Network Security Monitoring (NSM), network traffic analysis, and log analysis
    • Unix or Linux disk and memory forensics
    • Static and dynamic malware analysis
    • Applied knowledge in at least one scripting or development language (such as Python)
    • Thorough understanding of enterprise security controls in Active Directory / Windows environments
    • AWS / Cloud
  • Must be eligible to work in United States

Additional Qualifications:

  • Ability to leverage project management skills to effectively budget, scope, and execute engagements
  • Ability to manage multiple projects and manage tight deadlines
  • Superior communication skills including precise and detail focused writing ability
  • Ability to lead a team of highly technical security professionals
  • Ability to prepare and review customized contracts for IR consulting services
  • Strong consultative, trusted advisor skills
  • Willingness to travel up to 30%
Job region(s): Remote/Anywhere North America
Job stats:  355  11  0
  • Share this job via
  • or

Explore more Information Security career opportunities