DFIR Manager

Location: London | United Kingdom
Job Type: Permanent
Salary: £75000 – £90000
Sector: Insurance

Contact Details

Name: Adu Ansere

Are you a passionate Cyber Security professional with in-depth experience of Digital Forensics & Incident Response? Are you looking to work for a global Financial Services company with a leading Cyber Security consultancy function? I am currently recruiting for a Manager within the Digital Forensics & Incident Response (DFIR) team.

This role will perform daily tasks associated with incident response and investigations, leading on a range of projects for clients as well as helping develop the skills of the entire DFIR team.

Job Responsibilities of the Digital Forensics & Incident Response Manager

  • Leading on Incident Response for clients covering the full breadth of activities including investigation, determining root cause and remediation among others.
  • Support the wider team on complex forensic analysis cases
  • Define and refine policies and procedures for both Incident Response and Forensic/Malware Analysis
  • Acting as a subject matter expert on all matters relating to DFIR for clients, identifying flaws and vulnerabilities and providing improvement recommendations, including the selection of tooling
  • Preserve, harvest and analyse data from electronic data sources, including laptop and desktop computers, servers and mobile devices.
  • Support junior staff members providing mentorship and assistance with technical development
  • Possess the experience and integrity to perform as an expert witness when required
  • Investigate instances of malicious code and documents to determine attack vectors and payloads.


Desirable Skills and Experience of the Digital Forensics & Incident Response Manager

  • Experience working in a similar DFIR role
  • Experience implementing Incident Response plans
  • In-depth experience of common operating systems including but not limited to Windows, macOS, Linux, Android & iOS.
  • Experience working with DFIR tooling including X-Ways, EnCase, Axiom, Cellebrite, Volatility, FTK, etc.
  • Experience with cloud technologies (AWS, Azure, GCP)
  • Experience conducting log analysis
  • Knowledge of programming languages is highly desired
  • Experience in digital forensics, incident response, or applicable technical field.
  • Industry certifications such as GCFA, GCIH, CREST certifications, etc. are desirable