Information Technology

Investigations & Incidents Manager

Friedman Williams

Investigations & Incidents Manager Washington DC

Job ID: 15686

Summary: The Investigations and Incidents Manager is responsible for ensuring that the firm promptly, thoroughly, and lawfully investigates security, privacy and workplace incidents affecting the firm’s assets, information or people. This role develops and implements digital forensics and incident response capabilities with a mix of internal and external resources. This is a highly technical role with requires hands-on, collaborative work with stakeholders and IT implementers.

Duties &Responsibilities

  • Defines, documents, and manages the Investigations and Incidents programs. These include developing bodies of practice related to triage and initial assessment of severity, investigations of suspected incidents, evidence capture and preservation, support for law enforcement interactions, and upward reporting as necessary.
  • Maintains the firm’s investigations processes, incident response playbooks, and related workflows as implemented in systems of record.
  • Works with stakeholders and affected parties to assess likelihood or severity of suspected incidents, identify appropriate follow-ups, conduct investigations, commission third-party assistance, regularly communicate status, and coordinate internal communications. This role will work closely with the CISO, firm General Counsels, senior lawyers, and other business stakeholders.
  • Manages relationships with third-party investigators and incident-response entities the firm may have relationships with, as necessary.
  • Perform other duties as assigned.

Qualifications

  • Bachelor’s degree in Computer Science or Engineering preferred; advanced degree and CISSP certification preferred.
  • Requires 10+ years’ experience in cybersecurity, with 5+ years’ experience running hands-on digital forensics and incident response programs.
  • Expert working knowledge of desktop security, forensics data capture, chain of custody concepts, open-source intelligence, and investigative methods.
  • Experience with tools such as EnCase, Axiom and Basis Tech is required
  • Exceptional ability to rapidly assimilate and synthesize information under pressure and during compressed timeframes.
  • Cogent and effective written and oral communications skills, combined with a newspaper-reporter’s knack for swiftly summarizing situations, including what is known and unknown

Tagged as: Investigations & Incidents Manager