Criminal Investigations and Forensics Program Manager (Active Secret Required)

Clearance Level
Not Applicable
Cyber Security
Arlington, Virginia

REQ#: RQ35230

Requisition Type: Pipeline

Program Description: Manages the criminal investigations and forensics program in support of a major federal client.  The organization provides services for digital evidence recovery and analysis, digital forensic analysis, online cyber investigation support, on-scene digital evidence collection, technical surveillance support, and investigation support for cyber-crimes within the department to include seizure or collection of digital and multimedia-related evidence.

Functional Duties: The manager oversees personnel and activities supporting the Criminal Investigations and Forensics Program. Interfaces and coordinates with Government leads with key focus on effective, efficient, and compliant contractor support. Executes proper staffing, providing appropriate, qualified, and sufficient contractor resources to meet specified requirements. Establishes work duties and schedules, and addresses work discrepancies. Supervises and communicates program policies, purposes, and goals to subordinates. Formulates and enforces work standards. Performs quality control; ensures contractor performance meets established performance standards. Monitors, tracks, and reports on the status of contractor activities. Identifies, promotes, and implements process improvements.  Conducts technical and management briefings. Oversees and directs complex technical tasks.

Candidate should have proven expert written and oral communication skills to include experience with executive-level presentations. Candidate should have knowledge related to the current state of cyber international relations, adversary tactics, and trends. Candidate will possess the ability to work quickly, and a willingness to complete ad hoc, time sensitive assignments.



  • A Bachelor’s Degree in Computer Science, Information Systems, Engineering, Criminal Justice, or other related scientific or technical discipline is desirable. Five (5) additional years of general experience (as defined below) may be substituted for the degree.
  • Desired – A Master’s Degree in Digital Forensic Science, Computer Science, Cybersecurity, or Criminal Justice.

Certification Required: CISSP

Certifications Desired: GCFE – GIAC Certified Forensic Examiner, GCFA – GIAC Certified Forensic Analyst, Encase EnCE, SANS Institute Forensic Toolkit (SIFT) or FTK vendor certifications

General Experience: 10 years of experience in investigations, computer forensics, or technical analysis with increasing responsibilities. Demonstrated oral and written communications skills. 

  • Good working knowledge of cyber investigations and forensic level analytics as well as insider threat programs. 
  • Experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols along with malware analysis in support of incident analysis and response.
  • Ability to anticipate and respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring flexibility and responsiveness to client matters and needs.
  • Demonstrated ability to manage projects and tasks within an agile and dynamic operational environment
  • Previous experience managing cross functional and interdisciplinary project teams to achieve tactical and strategic objectives.

Specialized Experience:

  • Seven (7) years of experience in computer investigations with a focus on cyber threat analysis and advanced network security forensics to include collecting, processing, preserving, analyzing, and reporting computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.
  • Five (5) years’ experience developing forensically sound evidence using advanced computer technologies coupled with comprehensive forensic examination and analysis.
  • Five (5) years of working knowledge of forensics analysis tools, investigation processes, and case management products.
  • Five (5) years of technical task management and supervisory experience.
  • Experience leading technical meetings and working groups to address issues related to cybersecurity and incident preparedness and ability to create targeted remediation plans for organizations who have been compromised.
  • Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure.
  • Experience developing and conducting detailed, technical, and hands on training.
  • Demonstrated analytical and communications skills.  

Desired:  Mobile device forensics

Security Clearance:  TS (clearable to SCI)

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.