Digital Forensics & Incident Response Manager - Hybrid - Gloucester, UK

EDF
Gloucester
1 week ago
Applications closed

Digital Forensics & Incident Response Manager - Gloucester, UK

About the Role


Location: Flexible

Salary: Circa £80,000 plus excellent benefits package

An excellent opportunity has arisen within our Team for a Digital Forensics & Incident Response Manager.  The location of the role is completely flexible and there is an excellent salary and benefits package on offer.

Our Team

Cybersecurity has a fundamental role to play in the success of the EDF UK core mission of helping Britain achieve Net Zero: by promoting trust and confidence in the EDF UK brand and the safety of nuclear power, by ensuring the availability of the EDF UK systems that are critical to safe and effective nuclear operational excellence, and by protecting the data of our customers and sensitive nuclear information.

The cyber security team support business units by providing secure services and platforms to enable businesses to focus on their core missions. The cyber security team enable the EDF UK business units through the available, efficient, and effective provision of services, including architecture, monitoring & response, and security technologies.

What’s my role and where do I fit in?  

The Digital Forensics and Incident Response Manager is a management position within the EDF (UK) SOC. This individual will oversee the DFIR Service, taking responsibility for all aspects of the service. You will be the foremost technical expert for all aspects of cyber incident response, ensuring that the team are all suitably trained and that cyber incidents are handled in accordance with the requirements levied on a CNI regulated organisation. You will manage a team of DFIR analysts and be responsible for the management of the services provided by external partner organisations, ensuring they cover the key requirements and represent ongoing value for money.

You will need to demonstrate experience of building, managing and mentoring a Team and ensuring that appropriate resources are in place to deliver a first-class service, delivering against SLAs and KPIs.

You will also need excellent Stakeholder management skills including the ability to translate complex technical threats and vulnerabilities into executive-friendly insights that articulate potential business risks and recommended actions.

Specific Experience Required

Digital Forensics

  • Evidence Handling and Collection: Supervise and define the process for the secure collection and handling of digital evidence from a variety of asset types, including those in cloud platforms such as AWS and Azure. Ensure toolsets are aligned to achieve the objectives.
  • Forensic Analysis: Supervise and perform forensic data analysis to determine causes of incidents. Ensure team is carrying out best practice and has well documented processes and playbooks to conduct data forensic activities.
  • Investigation Advisory role: Provide technical and thought leadership in digital forensics matters to assist incident investigations teams.

Incident Response

  • Incident Analysis: Ensure incident analysis is conducted and that suitably trained resources are available. Bear responsibility for the creation and maintenance of suitable playbooks for incident analysis on EDF IT systems. Provide technical expertise into the wider cyber incident response process.
  • Incident Response: Responsible for all aspects of EDF Cyber Incident response. Coordination of cyber incident response actions. Provision of the appropriate technical support to the incident resolution phase. Ensure incidents are tracked adequately and liaise with the SecOps and SOAR platform specialists to keep the platforms in the best, most efficient state.
  • Incident Reporting: Prepare and oversee the preparation of incident reports. Ensure templates and processes for the reporting of incidents are all up to date. Be the foremost expert in EDF (UK) for cyber incident reporting.
  • Tooling management and direction: Be a key advisor and requirement setter on the EDF EDR/XDR toolsets and MDR services. Ensure that the requirements of incident response are properly reflected in the various cyber toolsets and work with the engineering teams across the business to effect improvements.


What's in it for you?


Success is personal. It's your journey, powered by us. Join us and we'll help Britain achieve Net Zero together.
