ArmstrongAdams
ArmstrongAdams provides Information risk management solutions.
- Open roles
- 57
Company signals
Score: 72Job facts
- Location
- Hybrid · GBR Manchester Hardman Boulevard
- Workplace
- Hybrid
- Type
- Full-time
- Department
- Cyber Services and Capabilities
Last verified live 6 hours, 11 minutes ago · checked directly on the company's Pinpoint
More roles at ArmstrongAdams
- Regional Bid Manager · NLD Rijswijk
- Detection Engineer · GBR Manchester Hardman Boulevard
- Senior Security Engineer · GBR Manchester Hardman Boulevard
- SOC Coordinator · NLD Rijswijk
- Executive Principal Consultant · NLD Rijswijk
- DFIR Managing Consultant · GBR Manchester Hardman Boulevard
Director, Digital Forensics & Incident Response (Global)
at ArmstrongAdams
(Open to Associate Director with progression path to Director)
The purpose of this role is to lead NCC Group’s global Digital Forensics and
Incident Response (DFIR) capability, ensuring effective preparedness,
response, recovery, and continuous improvement across cyber incident
management and forensic investigations. The global DFIR team will consist of
regionally distributed colleagues, delivering a consistent, scalable, and
market-leading service that protects client assets, reputation, and business
operations. The role is responsible for setting strategic direction, driving
operational excellence, evolving people, process and technology capabilities,
and supporting commercial growth through the conversion of incident response
engagements into ongoing security service opportunities.
The Director, DFIR will be responsible for ensuring robust cyber resilience capabilities, overseeing major cyber incidents, maintaining advanced forensic practices, and ensuring the function remains aligned with changing client requirements, regulatory obligations, and emerging cyber threats. The role also serves as a senior leader within the Cyber Intelligence and Response business, influencing stakeholders and driving continuous service improvement.
A key part of the role is engaging and collaborating with leaders across NCC Group to achieve the following ambitions:
- Define and execute a global DFIR strategy aligned to business priorities and risk appetite.
- Strengthen cyber incident preparedness, response, and recovery capabilities.
- Develop and scale advanced digital forensic capabilities across endpoint, network, and cloud environments.
- Embed lessons learned from incidents, exercises, and reviews into continuous improvement initiatives.
- Drive operational excellence through effective capacity planning, resource management, and performance measurement.
- Support business growth by identifying opportunities to transition incident response engagements into long-term security services.
Key Responsibilities
- Lead the global DFIR function, ensuring effective delivery of digital forensics and incident response services across multiple regions.
- Define and execute the global DFIR strategy, ensuring alignment with business objectives, client needs, and organisational risk appetite.
- Manage regional performance through effective resource planning, utilisation management, and alignment to revenue forecasts and delivery demand.
- Implement clear measures of capacity, utilisation, and operational performance to optimise scalability and efficiency.
- Drive effective offshoring strategies that balance quality, efficiency, and cost.
- Oversee the management of major cyber incidents and act as the senior escalation point during high-severity events.
- Ensure coordinated incident response across technical teams, business leadership, clients, and external stakeholders.
- Drive effective containment, remediation, recovery, and post-incident review activities.
- Lead the development of advanced forensic capabilities across endpoint, network, cloud, and emerging technology environments.
- Ensure forensic readiness, evidential integrity, and compliance with legal and regulatory requirements.
- Maintain incident response plans, playbooks, and testing programmes through simulations and exercises.
- Partner with Legal, Risk, Compliance, and senior business stakeholders to meet regulatory and client obligations.
- Define, measure, and report on key operational KPIs, including quality, responsiveness, accuracy, and customer satisfaction.
- Build, mentor, and lead a high-performing, diverse, and globally distributed DFIR organisation.
- Foster a culture of innovation, collaboration, continuous learning, and operational excellence.
- Represent NCC Group externally through industry forums, conferences, and customer engagements, demonstrating thought leadership in DFIR and cyber resilience.
Skills, Knowledge & Expertise
- Extensive experience leading Digital Forensics and Incident Response (DFIR) teams within complex cyber security environments.
- Proven experience developing and executing global operational strategies aligned to business objectives.
- Strong experience managing large-scale cyber incidents, breaches, and crisis response activities.
- Expertise in digital forensics across endpoint, network, cloud, and hybrid environments.
- Experience building, developing, and retaining high-performing technical teams across multiple geographies.
- Strong process improvement and operational transformation experience.
- Experience managing budgets, forecasting demand, and optimising resource allocation.
- Ability to influence and communicate effectively with executive stakeholders, clients, regulators, and technical teams.
- Strong written and verbal communication skills, with the ability to translate complex cyber security concepts into business-focused language.
- Experience leading organisational change and technology transformation initiatives.
Desirable Skills
- Experience within Managed Security Services (MSSP) or large-scale cyber security consulting environments.
- Experience supporting commercial growth, sales enablement, and service expansion opportunities.
- Strong knowledge of current cyber threat trends, regulatory requirements, and industry best practices.
- Active participation in industry forums, conferences, or recognised cybersecurity communities.
Job Benefits
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
- Flexible Working: Balance your work and personal life with our flexible working options.
- Enhanced Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
- Medicash & Critical Illness Scheme.
- Financial & Investment Benefits: Pension, Life Assurance, and Share Save Scheme.
- Community & Volunteering Programmes.
- Green Car Scheme.
- Cycle to Work Scheme.
- Special Time Off for important life events.
- Enhanced Family Planning, Maternity, and Paternity Support.