IT Engineer 3 - Digital Forensics & Incident Response Manager (DFIR Manager) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Case Western Reserve University · 3 hours ago

IT Engineer 3 - Digital Forensics & Incident Response Manager (DFIR Manager)

positionCleveland, OH
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$77K/yr - $97K/yr
date3+ years exp

Case Western Reserve University is committed to providing advanced Digital Forensics Engineering services in support of its enterprise systems and research environments. The Digital Forensics Engineer 3 will lead cybersecurity incidents, develop security capabilities, and collaborate with various stakeholders to enhance the university's information security program.

E-LearningEducationUniversities
check
H1B Sponsor Likelynote

Responsibilities

Serve as the technical lead and escalation point for advanced cybersecurity incidents, digital forensic examinations, and complex investigations involving university systems, data, and users. Lead evidence acquisition, preservation, analysis, and documentation activities in a legally defensible manner, including root-cause analysis, timeline reconstruction, and technical reporting to support remediation and institutional decision-making
Design, implement, operate, and continuously improve advanced Digital Forensics Engineering capabilities, including security monitoring, incident response workflows, investigative tooling, and forensic processes across enterprise and research environments. Lead the evaluation, configuration, and enhancement of security technologies to strengthen detection, response, and resilience
Coordinate technical security and investigative activities with internal partners such as the Office of General Counsel, Human Resources, Compliance, Research Administration, Public Safety, and IT teams. Provide expert technical guidance during high-impact incidents, legal matters, and regulatory inquiries to ensure alignment with institutional policies and legal requirements
Develop, maintain, and refine security documentation, incident response playbooks, forensic procedures, evidence-handling standards, and investigative workflows to ensure consistent, repeatable, and defensible practices aligned with institutional risk management and compliance obligations
Provide technical guidance and mentorship to junior engineers, analysts, and student employees. Share expertise through training, tabletop exercises, and collaborative problem-solving, and may lead or coordinate the technical work of others during investigations or university-wide security initiatives
Participate in training, tabletop exercises, professional development activities, and security drills to maintain technical expertise and enhance institutional incident response readiness
Support the preparation of post-incident reports, lessons-learned documentation, metrics, and briefings for technical and non-technical audiences, as needed
Perform other related duties as assigned in support of the Office of Information Security and university-wide initiatives

Qualification

Digital ForensicsIncident ResponseCybersecurity PrinciplesEvidence HandlingForensic ToolsAnalytical SkillsAI ToolsCommunication SkillsMentorship

Required

3 to 5 years of total work experience, including progressive experience in cybersecurity, incident response, digital forensics, security engineering, or related technical fields
Demonstrated experience supporting advanced cybersecurity investigations, incident response activities, or forensic examinations in enterprise environments
Required Bachelor's degree in Cybersecurity, Information Systems, Information Technology, Computer Science, Digital Forensics, Criminal Justice, or a closely related field
Strong understanding of cybersecurity incident response and digital forensics principles, including evidence acquisition, preservation, imaging, validation, and analysis across multiple systems and platforms
Demonstrated hands-on experience using industry-standard forensic and investigative tools, with the ability to learn and apply new tools as technologies evolve
Knowledge of chain-of-custody procedures and the handling of sensitive digital evidence in a legally defensible manner
Advanced incident response skills, including threat identification, containment, investigation, remediation, and recovery
Ability to analyze complex technical data, identify indicators of compromise, correlate events, and reconstruct investigative timelines
Strong analytical and problem-solving skills, including sound decision-making in high-impact or time-sensitive situations
Effective written and verbal communication skills, including the ability to explain technical findings to non-technical stakeholders
Ability to handle highly confidential and sensitive information with professionalism and discretion
Ability to collaborate effectively with internal partners and coordinate with external entities when required
Demonstrated ability to mentor others and provide technical leadership during investigations or security initiatives
Ability to manage multiple priorities simultaneously and meet deadlines
Ability to meet consistent attendance and interact professionally with colleagues, supervisors, and customers face to face
Demonstrated history of successful support, education, and advocacy for all students, aligned with the values, mission, and messaging of the university, while adhering to the staff policy on conflict of commitment and interest
Willingness to learn and work with artificial intelligence (AI) tools and technologies

Preferred

Experience managing evidence preservation, chain-of-custody documentation, eDiscovery tasks, or investigative processes in support of legal, regulatory, or institutional matters is strongly preferred
Prior law enforcement or peace officer experience is preferred but not required
Professional certification in at least one of the following is preferred: GIAC (GCFE, GCFA, GCIH, GNFA, GSOC, GSFE or similar), CISSP, or CISM
Additional foundational certifications (for example, Security+) are considered a plus

Benefits

Excellent healthcare
Retirement plans
Tuition assistance
Paid time off
Winter recess

Company

Case Western Reserve University

twittertwittertwitter
Glassdoor4.1
company-logo
Case Western Reserve University is among the nation's leading research institutions.
dateFounded in 1892
location
Cleveland, Ohio, USA
people-size5001-10000 employees
web-link
http://www.law.case.edu/

H1B Sponsorship

Case Western Reserve University has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (101)
2024 (103)
2023 (114)
2022 (123)
2021 (86)
2020 (134)

Funding

Current Stage
Late Stage
Total Funding
$1.17M
2015-10-12Grant· $1.17M

Leadership Team

leader-logo
Caden Kacmarynski
Co-Founder and President - Case Quantum Computing
linkedin
leader-logo
Christine Kush
Associate Dean, Corporate Partnerships and Executive Education
linkedin
Company data provided by crunchbase