DFIR Manager
Location: London | United Kingdom
Job Type: Permanent
Salary: £75000 – £90000
Sector: Insurance
Are you a passionate Cyber Security professional with in-depth experience of Digital Forensics & Incident Response? Are you looking to work for a global Financial Services company with a leading Cyber Security consultancy function? I am currently recruiting for a Manager within the Digital Forensics & Incident Response (DFIR) team.
This role will perform daily tasks associated with incident response and investigations, leading on a range of projects for clients as well as helping develop the skills of the entire DFIR team.
Job Responsibilities of the Digital Forensics & Incident Response Manager
- Leading on Incident Response for clients covering the full breadth of activities including investigation, determining root cause and remediation among others.
- Support the wider team on complex forensic analysis cases
- Define and refine policies and procedures for both Incident Response and Forensic/Malware Analysis
- Acting as a subject matter expert on all matters relating to DFIR for clients, identifying flaws and vulnerabilities and providing improvement recommendations, including the selection of tooling
- Preserve, harvest and analyse data from electronic data sources, including laptop and desktop computers, servers and mobile devices.
- Support junior staff members providing mentorship and assistance with technical development
- Possess the experience and integrity to perform as an expert witness when required
- Investigate instances of malicious code and documents to determine attack vectors and payloads.
Desirable Skills and Experience of the Digital Forensics & Incident Response Manager
- Experience working in a similar DFIR role
- Experience implementing Incident Response plans
- In-depth experience of common operating systems including but not limited to Windows, macOS, Linux, Android & iOS.
- Experience working with DFIR tooling including X-Ways, EnCase, Axiom, Cellebrite, Volatility, FTK etc.
- Experience with cloud technologies (AWS, Azure, GCP)
- Experience conducting log analysis
- Knowledge of programming languages is highly desired
- Experience in digital forensics, incident response, or applicable technical field.
- Industry certifications such as GCFA, GCIH, CREST certifications etc. are desirable