DFIR Manager
Remote
- Full time
About the job
This vacancy has now expired. Please see similar roles below...
"The DFIR Manager role will sit within our Cyber Defence Department and is responsible for leading and managing the Digital Forensics & Incident Response Team. We are looking for someone who has a strong managerial and technical background, with significant experience across all types of incident response with a strong emphasis on cloud. The DFIR manager has overall responsibility for the ability to respond, and for the quality of that response to cyber incidents across EUI Limited.
This role involves overseeing the team's response to security incidents, ensuring that all incidents are handled efficiently and effectively, in line with the organisation's security policies and procedures. The manager will also be responsible for developing and maintaining the incident response plan, coordinating with other departments, and reporting to senior management on incident status and post-incident analysis.
The right candidate will be able to work intuitively with other operational technical teams, providing advanced technical expertise and outputs. When not responding to and managing incidents you will be driving the DFIR team with not only their strategic mission but also to be proactively collaborating with other technical teams to ensure the security of Admiral.
The DFIR team have a diverse set of highly technical functions within it ranging from malware reverse engineering to digital forensics. The manager of this team needs to be able to understand and participate in growing these functions to better the operations team.
Responsibilities
The DFIR manager will:
- Lead the DFIR team, providing guidance and direction during security incidents.
- Develop and maintain the organisation's incident response plan and ensure it is followed during incidents.
- Coordinate with IT, legal, and public relations departments to manage the response to security incidents.
- Provide regular updates to senior management on incident status and any critical issues that arise.
- Conduct post-incident analysis to identify root causes and implement improvements to prevent future incidents.
- Grow the DFIR teams responses using a threat led approach, with considerations for automation, AI, and cloud.
- Push the technical boundaries of the DFIR team, striving to provide enhanced technical output and knowledge to the operations department.
- Proactively lead the team to look for advanced threats and generate protections against them.
- Stay up to date on the changing threat landscape, incorporating new response procedures in accordance.
- Lead, develop and mentor the team and wider, fostering an environment of continuous learning, development, and knowledge sharing.
- Establish and drive the DFIR strategy, aligned to the rest of the security and tech department, inclusive of a growth into cloud, and the use of AI.
Essential Experience/Skills:
- Proven experience in managing a cyber incident response team.
- 2+ years of team management experience.
- 6+ years of experience conducting incident response and forensic investigations.
- 2+ years of experience with incidents in the cloud (Azure and/or GCP).
- Proven experience of driving strategic goals, and stakeholder management including third party relationships.
- Ability to actively manage workloads to meet business and department requirements.
- Strong understanding of security incident response protocols and best practices.
- A demonstrable understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
- Understanding of enterprise grade technical security controls and defence in depth practices.
- Ability to work under pressure and make critical decisions during security incidents.
- The ability to pick up and learn new technology approaches and make rapid decisions on the best way to use these technology advancements for the betterment of the overall security posture.
Desirable Skills:
- One or more of the following:
- (ISC)2 Certification such as: CISSP, CISM
- CompTIA Certification such as: Security+
- GIAC Certification such as: GCIH, GCIA, GDAT, GCDA, GISP, GCFE
- Familiarity with at least one cloud platform such as Microsoft Azure, Amazon AWS, or Google GCP.
- A working knowledge of financial services and the typical business processes involved together with the threat actors and their relevant tactics, techniques and procedures would be of significant advantage.
Salary, Benefits, and Work-Life Balance
We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.
At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we’re consistently voted one of the Sunday Times Best Big Companies to work for in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.
All colleagues will receive 33 days holiday (including banks holidays) when they join us, and this will increase with length of service, up to a maximum of 38 days (including banks holidays). You also have the option to buy or sell up to five days of annual leave in addition to your allocation.
You can also view some of our other key benefits here.
#LI-KG1
- Full time
- Information Security
__jobinformationwidget.freetext.LocationText__
Remote
Related jobs
Salary
Location
Cardiff
Job Type
Full time
Location
Cardiff
Brand
Admiral Law
Department
Law
Office address
Tŷ Admiral, David Street, Cardiff, CF10 2EH
Description
Join Admiral Law’s Quality and Governance Department! Admiral Law’s Quality and Governance Department has recently expanded and formed a brand-new team within our complaints handling function. They
Reference
10648
Expiry Date
01 Jan 0001
Vacancy managed by
Samantha BevanVacancy managed by
Samantha BevanSalary
Location
Cardiff
Job Type
Full time
Location
Cardiff
Brand
Admiral Group
Department
Claims, Household
Office address
Tŷ Admiral, David Street, Cardiff, CF10 2EH
Description
Are you looking to take the next step in developing your career? Why not start in a multi-award-winning company that prioritises your career growth and development. We are currently recruiting for
Reference
10558
Expiry Date
01 Jan 0001
Vacancy managed by
Dacey ColeVacancy managed by
Dacey ColeSalary
Location
Cardiff
Job Type
Full time
Location
Cardiff
Brand
Pioneer
Department
Veygo
Office address
Capital Tower, Greyfriars Road, Cardiff, CF10 3AZ
Description
We’re looking for a Senior Full Stack Engineer to join our team at Veygo! About Veygo At Veygo our world is learner and temporary pay-as-you-go car insurance. We know people's lifestyles a
Reference
10414
Expiry Date
01 Jan 0001
Vacancy managed by
Eden DaviesVacancy managed by
Eden DaviesOur Benefits
Admiral employees work hard to keep us at the top of our industry, and are rewarded for it—with competitive pay, a share package, career growth and development opportunities and some other great benefits, too!
People who like what they do, do it better.
Be You
Financial & Mortgage
Advice
24-Hour
Ecare
Cycle to Work
Scheme
Annual Holiday
Allowance
Flexible
Working
Simply
Health
Private Health
Cover
Critical Illness
Cover
Grow & Progress
Learning and
Development
Educational
Sponsorship
Accredited
Qualifications ILM
iLearn
Online Learning
Buy a Book
Scheme
Developmental
Coaching
Port of
Calls
Internal
Mobility
Make a Difference
Groups and
Societies
Socials and Team
Days Out
Multi Faith / Quiet
Rooms
Admiral Community
Fund
Give as You
Earn
Awards and Star
Lunches
Corporate Social
Responsibility
Impact
Hours
Share In Our Future
Share
Schemes
Refer a Friend
Bonus
Colleague and Family
Insurance Discount
Group Life
Assurance
Pension
Scheme
Life Event
Loan
Tickets to Sponsored
Events
Tusker Salary
Sacrifice