iceberg logo
iceberg logo

Senior DFIR Manager

Upload your CV/resume or any other relevant file. Max. file size: 0 B.


You can apply to this job and others using your online resume. Click the link below to submit your online resume and email your application to this employer.

Archie Bourne

Cybersecurity & eDiscovery Recruitment Specialist

Archie Bourne

Contact

Email
archie.bourne@thisisiceberg.com
Mobile
+44 7350 362805
US: 315 508 6500
Back to Job Search

VP – Digital Forensics & Incident Response Manager

Location: London (Hybrid)

Sector: Global Financial Services

I’m currently working on behalf of a global financial organisation with a strong presence across EMEA, who are looking to appoint a VP-level leader to manage their Digital Forensics and Incident Response (DFIR) function within their Cyber Security team. This is a high-impact role offering the opportunity to lead advanced response capabilities, oversee incident lifecycle management, and shape the future of threat detection and response within a complex, regulated environment.

Key Responsibilities

  • Lead and manage the core Digital Forensics and Incident Response team, ensuring effective detection, containment, and remediation of cyber security incidents.
  • Oversee the development and refinement of security monitoring use cases, detection logic, and threat hunting initiatives.
  • Investigate and manage critical incidents across the full kill chain using both host and network-based forensics techniques.
  • Act as the technical escalation point and lead handler for high-severity incidents.
  • Establish and improve forensics capabilities, documentation, and processes in line with industry frameworks (e.g. MITRE ATT&CK, NIST).
  • Collaborate with penetration testing, red team, threat intel, and compliance teams to mitigate cyber risk.
  • Drive the adoption of advanced monitoring frameworks, including the implementation of IOC- and behavior-based alerting.
  • Provide strategic input into cyber security controls, architecture, and future-state operating models.
  • Maintain stakeholder relationships and contribute to post-incident reviews and improvement plans.
  • Participate in on-call or extended-hour coverage (between 7am–7pm as needed).

What We’re Looking For

  • Proven leadership experience in Digital Forensics & Incident Response, preferably within a banking or financial services environment.
  • Expertise in forensic analysis (host and network), SIEM, EDR/XDR, packet capture tools, and incident response tooling.
  • Strong understanding of threat modelling frameworks such as MITRE ATT&CK, Kill Chain, Diamond Model, etc.
  • Experience managing or leading DFIR analysts and developing operational capability.
  • Hands-on experience with SIEM platforms, malware analysis tools, and threat hunting methodologies.
  • Sound knowledge of cloud security (AWS, Azure) and vulnerability management frameworks.
  • Excellent communication skills, stakeholder engagement, and an analytical mindset.
  • Relevant certifications (e.g. GCIH, GCFA, GCIA) are highly desirable.

Why Apply?

  • Be a senior leader in a global organisation committed to cybersecurity maturity and innovation.
  • Shape the strategic direction of forensics and response operations across a high-value infrastructure estate.
  • Work alongside some of the most experienced security professionals in the industry.
  • Competitive salary, benefits, and hybrid working options.
Upload your CV/resume or any other relevant file. Max. file size: 0 B.


You can apply to this job and others using your online resume. Click the link below to submit your online resume and email your application to this employer.

JOIN OUR NETWORK

Tap Into Our Global Talent Pool

When you partner with Iceberg, you gain access to an unmatched network of 120,000 candidates and 66,000 LinkedIn followers. Our passion for networking allows us to source and place exceptional talent faster than anyone else. Join our community and gain a competitive edge in hiring.
Pin
Pin
Pin
Pin
Pin
Pin
Pin
Pin
Pin
Pin
Pin
Pin
Pin