Cyber Defense Forensics Lead
47nzSw1ftjXg5FLFiaMZCAยท Department of Homeland Security
About this role
Gritter Francona is looking for a Cyber Defense Forensics Lead to support a potential project with the Department of Homeland Security. The Forensics Lead will manage and direct the forensics and insider threat operations supporting U.S. Customs and Border Protection (CBP). The Lead will direct a team of expert analysts responsible for conducting digital forensic investigations, monitoring for data loss, and analyzing insider threat activities. The role requires deep technical expertise in forensic tools and methodologies, a solid understanding of incident response, and the ability to lead complex investigations from start to finish.
Key responsibilities include:
- Lead the CDF team in supporting insider threat operations, monitoring Data Loss Prevention (DLP) solutions, and investigating policy violations.
- Direct enterprise and endpoint digital forensic analysis on Windows, Linux, Mac, and cloud systems in support of investigations.
- Oversee the maintenance of the CBP SOC's forensics lab and provide recommendations for modernizing its capabilities.
- Manage the lifecycle of CDF investigations, ensuring findings are documented in formal investigation reports and cases are properly escalated to law enforcement entities when necessary.
- Serve as the team's Subject Matter Expert (SME) in evidence preservation, chain of custody, and malware analysis.
- A minimum of seven (7) years of professional experience with a solid understanding of incident response, insider threat investigations, and forensics.
- A minimum of five (5) years of hands-on experience, including recent experience with host-based and network-based security monitoring, forensic tools, SIEM platforms, and endpoint threat detection.
- Experience collecting data, reporting results, and handling the escalation of security issues.
- Proven ability to create insider threat focused dashboards, reports and workflow diagrams.
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Short Term & Long Term Disability
- Training & Development
Frequently Asked Questions
Is the salary disclosed for the Cyber Defense Forensics Lead position at 47nzSw1ftjXg5FLFiaMZCA?
The salary for this Cyber Defense Forensics Lead role at 47nzSw1ftjXg5FLFiaMZCA is not publicly listed. Click "Apply Now" to learn more about the compensation package on their official careers page.
Where is the Cyber Defense Forensics Lead position at 47nzSw1ftjXg5FLFiaMZCA located?
This Cyber Defense Forensics Lead role at 47nzSw1ftjXg5FLFiaMZCA is based in Ashburn, Virginia, United States. The position is listed as on-site or hybrid. Check the full job description or apply directly to confirm the work arrangement.
Is the Cyber Defense Forensics Lead role at 47nzSw1ftjXg5FLFiaMZCA full-time or part-time?
This is listed as a Full time position. It is posted as a Cyber Defense Forensics Lead role in the Department of Homeland Security department at 47nzSw1ftjXg5FLFiaMZCA.
Which team or department does the Cyber Defense Forensics Lead at 47nzSw1ftjXg5FLFiaMZCA belong to?
This Cyber Defense Forensics Lead position is part of the Department of Homeland Security department at 47nzSw1ftjXg5FLFiaMZCA. See the full job description for more information about the team structure and responsibilities.
How do I apply for the Cyber Defense Forensics Lead position at 47nzSw1ftjXg5FLFiaMZCA?
Click the "Apply Now" button on this page. You will be redirected to 47nzSw1ftjXg5FLFiaMZCA's official application portal hosted on workable where you can submit your application directly.
When was the Cyber Defense Forensics Lead job at 47nzSw1ftjXg5FLFiaMZCA posted?
This Cyber Defense Forensics Lead position at 47nzSw1ftjXg5FLFiaMZCA was posted on Feb 19, 2026. Apply as soon as possible โ early applications are often reviewed first.
Cyber Defense Forensics Lead
47nzSw1ftjXg5FLFiaMZCA
You'll be redirected to 47nzSw1ftjXg5FLFiaMZCA's official application page on workable.