About the job
Role: DFIR Manager
Location: London (Hybrid)
Locke & McCloud has collaborated with a management consulting firm, with an office in Central London. They have a well-established DFIR team and are currently looking for their next DFIR Manager.
Leading a team of ambitious DFIR professionals dedicated to the management of active cybersecurity incidents.
Supervising cybersecurity incident response initiatives through close collaboration with consultants and clients.
Assisting consultants in enhancing their analytical, procedural, and communication skills.
Overseeing end-to-end client engagements.
Providing support to prominent partners, clients, and our lab to continuously enhance our service.
Design and improve policies for forensic and malware analyses.
Investigate cybersecurity incidents to determine the cause of a breach.
Digital forensics / incident response certification(s) such as SANS certifications (GCFA, GCIH etc), CREST certifications (CPIA, CRIA etc.), or equivalent.
Deep experience with most common operating systems (Windows, macOS, Linux, iOS, Android) and their file systems (ext3/4, HFS+, APFS, NTFS, exFAT, etc.).
Proficiency with industry-standard DFIR toolsets, such as X-Ways, EnCase, Axiom, Cellebrite, FTK and Volatility.
Proficiency with database querying and analysis.
Experience with cloud infrastructures for the enterprise, such as Amazon Web Services, G Suite, Office 365, and Azure.
Experience with conducting log analysis of large datasets.
Experience with command line tools (grep, sed, awk, python, and other programming languages.
Familiarity with computer system hardware and software installation and troubleshooting.
Well-developed analytic, qualitative, and quantitative reasoning skills and demonstrated creative problem-solving abilities.
Proficiency with MS Office Applications, and familiarity with Windows, Macintosh and Linux operating systems.