About the Role
Location: Flexible
Salary: Circa £80,000 plus excellent benefits package
Our Team
Cybersecurity has a fundamental role to play in the success of the EDF UK core mission in helping Britain achieve Net Zero by promoting trust and confidence in the EDF UK brand and the safety of nuclear power, the availability of EDF UK Systems which are critical to the safe and effective nuclear operational excellence, and by protecting the data of our customers and sensitive nuclear information.
The cyber security team support business units by providing secure services and platforms to enable businesses to focus on their core missions. The cyber security team enable the EDF UK business units through the available, efficient, and effective provision of services, including architecture, monitoring & response, and security technologies.
What’s my role and where do I fit in?
The Digital Forensics and Incident Response Manager is a management position within the EDF (UK) SOC. This individual will oversee the DFIR Service, taking responsibility for all aspects of the service. You will be the foremost technical expert for all aspects of cyber incident response, ensuring that the team are all suitably trained and that cyber incidents are handled in accordance with the requirements levied on a CNI regulated organisation. You will manage a team of DFIR analysts and be responsible for the management of the services provided by external partner organisations, ensuring they cover the key requirements and represent ongoing value for money.
You will need to demonstrate experience of building, managing and mentoring a Team and ensuring that appropriate resources are in place to deliver a first-class service, delivering against SLAs and KPIs.
You will also need excellent Stakeholder management skills including the ability to translate complex technical threats and vulnerabilities into executive-friendly insights that articulate potential business risks and recommended actions.
Specific Experience Required
Digital Forensics
- Evidence Handling and Collection: Supervise and define process for the secure collection and handling of digital evidence from a variety of asset types, including those in cloud platforms such as AWS and Azure. Ensure toolsets are aligned to achieve the objectives.
- Forensic Analysis: Supervise and perform forensic data analysis to determine causes of incidents. Ensure team is carrying out best practice and has well documented processes and playbooks to conduct data forensic activities.
- Investigation Advisory role: Provide technical and thought leadership in digital forensics matters to assist incident investigations teams.
Incident Response
- Incident Analysis: Ensure incident analysis is conducted and that suitably trained resources are available. Bear responsibility for the creation and maintenance of suitable playbooks for incident analysis on EDF IT systems. Provide technical expertise into the wider cyber incident response process.
- Incident Response: Responsible for all aspects of EDF Cyber Incident response. Coordination of cyber incident response actions. Provision of the appropriate technical support to the incident resolution phase. Ensure incidents are tracked adequately and liaise with the Secops and SOAR platform specialists to keep the platforms at the best, most efficient state.
- Incident Reporting: Prepare and oversee the preparation of incident reports. Ensure templates and processes for the reporting of incidents are all up to date. Be the foremost expert in EDF (UK) for cyber incident reporting.
- Tooling management and direction: Be a key advisor and requirement setter on the EDF EDR/XDR toolsets and MDR services. Ensure that the requirements of incident response are properly reflected in the various cyber toolsets and work with the engineering teams across the business to effect improvements.
What's in it for you?
Success is personal. It's your journey, powered by us. Join us and we'll help Britain achieve Net Zero together.
