Forensic Incidence Response Manager

Digital Forensic Incidence Manager

Job Type : Contractual For 6 months -High Chances of getting Converted to Permanent 

Client : One of the Leading Companies in Financial Consulting 

Job Description:

The Cyber Response team helps clients navigate and recover from cyber incidents with confidence. We guide organizations through every phase of response, from detection and containment to investigation and recovery, ensuring clear communication and coordinated action throughout.The DFIR Manager leads client-facing incident response and forensic engagements, serving as both a technical lead and engagement manager. This role requires strong incident command skills, particularly with ransomware cases, and the ability to align technical, legal, and business workstreams.

The manager will oversee multiple engagements, ensuring quality, consistency, and effective coordination across the team. They will also serve as a mentor and escalation point for supervisors and consultants while maintaining strong relationships with clients, counsel, and insurers.The ideal candidate combines technical expertise, leadership presence, and sound judgment to manage the full lifecycle of an incident and keep all stakeholders aligned.

Responsibilities:

• Lead multiple client-facing incident response and forensic engagements, ensuring quality and consistency across delivery.
• Serve as incident commander during active crises, coordinating technical, legal, and business response efforts.
• Define engagement scope, objectives, and communication plans from the outset.
• Act as a trusted advisor to clients, external counsel, and cyber insurers, providing clear direction under pressure.
• Supervise and mentor team members, fostering accountability, growth, and strong client communication.
• Review and deliver concise reports that translate technical findings into actionable insights for executives.
• Support practice development through playbook refinement, process improvement, and knowledge sharing.
• Participate in on-call rotation and provide oversight during critical incidents.

Qualifications:

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience.

• Bachelors degree in Cybersecurity, Computer Science, Information Technology, or equivalent experience.
• Proven experience leading complex cybersecurity incidents such as ransomware, data theft, and insider threats.
• Strong background in incident response and EDR tools (CrowdStrike, SentinelOne, Carbon Black, etc.).
• Familiarity with forensic tools and analysis in Windows, Linux, and cloud environments (AWS, Azure, GCP).
• Skilled in managing multiple engagements and maintaining composure under pressure.
• Excellent communication skills with the ability to brief executives and technical teams effectively.
• Experience mentoring and developing DFIR team members.
• Relevant certifications preferred (GCIH, GCFA, GCFE, CISSP, or similar).
• Willingness to participate in after-hours or weekend rotations as needed.

Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.