Enable job alerts via email!
VP – Digital Forensics & Incident Response (DFIR) Manager
Nicoll Curtin Technology
United Kingdom
Hybrid
GBP 76,000 - 90,000
Full time
Job summary
A leading financial services organisation is seeking a VP-level Digital Forensics & Incident Response Manager to lead its DFIR team in London. This hands-on role focuses on incident response, threat detection, and driving maturity in forensics. Strong candidates will have a proven track record in managing incident response teams and deep technical expertise in forensic analysis. The position offers a base salary up to £90,000 along with hybrid working arrangements.
Benefits
Qualifications
- Proven experience managing DFIR or cyber incident response teams.
- Deep technical knowledge of IR and forensic analysis.
- Strong understanding of security monitoring frameworks.
Responsibilities
- Lead the DFIR function, overseeing incident detection, investigation, and response activities.
- Develop and implement IR methodologies.
- Conduct forensic investigations on systems, networks, and endpoints.
Skills
Education
Tools
Job description
VP – Digital Forensics & Incident Response (DFIR) Manager
Job Description
Role:VP – Digital Forensics & Incident Response (DFIR) Manager
Location:London (Hybrid working available)
Salary:Up to £90,000 + benefits
Sector:Cyber Security / Financial Services
Overview
A leading financial services organisation is seeking aVP-level DFIR Managerto lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role focused on incident response, threat detection, and forensics within a complex, regulated environment.
You'll be responsible for advancing the organisation’s incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management.
Key Responsibilities
- Lead the DFIR function, overseeing incident detection, investigation, and response activities.
- Develop and implement IR methodologies (MITRE ATT&CK, Kill Chain, Threat Modelling, Diamond Model).
- Conduct forensic investigations on systems, networks, and endpoints.
- Refine threat hunting and threat intelligence capabilities.
- Support and mature security monitoring use cases (SIEM, packet inspection, IOCs).
- Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams.
- Engage with technical and business teams on cyber risk reduction strategies.
- Contribute to vulnerability management and remediation plans.
Required Skills & Experience
- Proven experience managing DFIR or cyber incident response teams.
- Deep technical knowledge of IR and forensic analysis (e.g. Wireshark, packet capture, host-based artifacts).
- Strong understanding of security monitoring frameworks (MITRE ATT&CK, NIST, etc.).
- Experience working in financial services or a regulated environment preferred.
- Hands-on experience with SIEM tools, network forensics, and endpoint detection.
- Knowledge of CIS benchmarks, cloud security, IAM, DLP, and vulnerability management.
- Familiarity with Windows, Linux/Unix, networking, and virtualisation (VMware).
Certifications (preferred):
GCIA, GCIH, GCFA or equivalent.
What’s on Offer
- Up to £90,000 base salary
- Hybrid/flexible working arrangements
- Opportunity to build and lead a growing DFIR capability in a major enterprise setting
- Supportive, inclusive culture with emphasis on work-life balance
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
