Job title, industry, keywords, etc.
City, State or Postcode

VP - Digital Forensics & Incident Response (DFIR) Manager

Nicoll Curtin Technology - London, England

Apply Now

Job Description

Job Description Role: VP - Digital Forensics & Incident Response (DFIR) Manager Location: London (Hybrid working available) Salary: Up to 90,000 + benefits Sector: Cyber Security/Financial Services Overview A leading financial services organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role focused on incident response, threat detection, and forensics within a complex, regulated environment.You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response activities.Develop and implement IR methodologies (MITRE ATT&CK, Kill Chain, Threat Modelling, Diamond Model).Conduct forensic investigations on systems, networks, and endpoints.Refine threat hunting and threat intelligence capabilities.Support and mature security monitoring use cases (SIEM, packet inspection, IOCs).Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams.Engage with technical and business teams on cyber risk reduction strategies.Contribute to vulnerability management and remediation plans. Required Skills & Experience Proven experience managing DFIR or cyber incident response teams.Deep technical knowledge of IR and forensic analysis (eg Wireshark, packet capture, host-based artifacts).Strong understanding of security monitoring frameworks (MITRE ATT&CK, NIST, etc.).Experience working in financial services or a regulated environment preferred.Hands-on experience with SIEM tools, network forensics, and endpoint detection.Knowledge of CIS benchmarks, cloud security, IAM, DLP, and vulnerability management.Familiarity with Windows, Linux/Unix, networking, and virtualisation (VMware). Certifications (preferred): GCIA, GCIH, GCFA or equivalent. What's on Offer Up to 90,000 base salaryHybrid/flexible working arrangementsOpportunity to build and lead a growing DFIR capability in a major enterprise settingSupportive, inclusive culture with emphasis on work-life balance

Created: 2025-08-03