
Dfir Manager Jobs (NOW HIRING)

... DFIR) to continually adapt to new and evolving threats. Our modern MDR (Managed Detection ... Response) approach is tailored to the unique characteristics and risk factors of each customer ...

Team personnel provide front line response for digital forensics/incident response (DFIR) and ... management and deployment across Windows, MacOS, Linux/Unix, and other operating systems and ...

Inventory Specialist

Greer, SC · On-site

$17 - $21.75/hr

Manage reject, DFIR, and STR processes * Manage and complete cleanliness/housekeeping and material cycle count and organizations in the PAC areas Technical * Maintain 610 updated report on inventory ...

... DFIR, and Breach Notification teams. * Build and develop a high-performing team through recruitment, mentoring, and continuous skill development. Vendor & Ecosystem Management * Manage relationships ...


Dfir Manager information

What are the key skills and qualifications needed to thrive as a DFIR (Digital Forensics and Incident Response) Manager, and why are they important?

To thrive as a DFIR Manager, you need a solid background in cybersecurity, digital forensics, and incident response, often supported by a degree in computer science or related fields and industry certifications like GCFA or CISSP. Familiarity with forensic analysis tools (e.g., EnCase, FTK), SIEM systems, and threat intelligence platforms is crucial. Strong leadership, communication, and problem-solving skills help you coordinate teams and effectively manage crisis situations. These skills are vital for leading complex investigations, ensuring rapid and accurate incident response, and protecting organizational assets from cyber threats.

How does a DFIR Manager typically coordinate incident response efforts with other departments during a cybersecurity event?

A DFIR Manager plays a crucial role in orchestrating incident response by collaborating closely with IT, legal, compliance, and executive teams. During a cybersecurity event, they facilitate communication between technical responders and stakeholders, ensuring everyone is informed of the incident's status and required actions. The manager assigns roles, oversees evidence collection, and ensures that response steps align with company policies and regulatory requirements. This cross-functional coordination is essential for timely containment, mitigation, and post-incident review.

What is a DFIR Manager?

A DFIR Manager is a cybersecurity professional responsible for leading Digital Forensics and Incident Response (DFIR) teams. They oversee investigations into security incidents, manage response efforts, and ensure that digital evidence is collected and preserved correctly. DFIR Managers also develop and implement incident response plans, coordinate communication between stakeholders, and provide guidance to technical staff to minimize the impact of cyber threats. Their role is crucial in helping organizations recover from security breaches and in preventing future incidents.

What is the difference between a DFIR Manager and a Cybersecurity Analyst?

Required Credentials
  • DFIR Manager: Certifications like GIAC, CISSP, or CISA; experience in digital forensics and incident response
  • Cybersecurity Analyst: Certifications such as CompTIA Security+, CISSP, or GIAC; focus on security monitoring and analysis

Work Environment
  • DFIR Manager: Incident response teams, forensic labs, corporate security departments
  • Cybersecurity Analyst: Security operations centers, threat analysis teams, IT departments

Employer & Industry Usage
  • DFIR Manager: Used in cybersecurity firms, law enforcement, large corporations
  • Cybersecurity Analyst: Common across industries with IT infrastructure, government agencies, private sector

A DFIR Manager primarily oversees digital forensics and incident response processes, focusing on investigating cyber incidents. In contrast, a Cybersecurity Analyst monitors security systems, analyzes threats, and supports prevention efforts. While both roles require cybersecurity certifications and work in security-focused environments, their core responsibilities differ: one manages forensic investigations, the other focuses on threat detection and prevention.

More about Dfir Manager jobs
Infographic showing various DFIR Manager job openings in the United States as of May 2026, with employment types broken down into 99% Full Time and 1% Temporary. Highlights a 98% Physical and 2% Hybrid job distribution.

Full-time

Posted 15 days ago


Fidelity National Financial rating

Company rating: 7.8 out of 10

Based on 48 frontline employees who took The Breakroom Quiz

163rd of 259 rated insurance


Job description

Overview
POSITION OVERVIEW
The Security Operations Center (SOC) Manager is responsible for leading and maturing a 24x7 enterprise SOC supporting a global Fortune 500 organization. This role oversees a geographically dispersed team of security analysts responsible for threat detection & response.
The SOC Manager provides strategic and operational leadership, ensuring rapid detection and response to cyber threats while continuously improving people, process, and technology. This role partners closely with other teams in the information security organization as well as with IT, risk management, legal, privacy, and business leaders to protect the organization from evolving cyber risks.
LOCATION
  • Role is based in Jacksonville, Florida, with interaction across global teams and time zones
  • Participation in major incident response activities outside standard business hours may be required
  • Rarely, travel may be required to support team engagement or leadership meetings

DUTIES & RESPONSIBILITIES
Leadership & Team Management
  • Lead, mentor, and develop a geographically distributed SOC team, including analysts across multiple shifts and regions
  • Drive a culture of accountability, continuous improvement, and operational excellence
  • Define roles, skill sets, training paths, and career development plans for SOC staff
  • Manage staffing models to support 24x7 operations, including managing on-call rotations

Security Operations
  • Oversee daily SOC operations, including monitoring, triage, investigation, containment, and remediation of security incidents
  • Ensure consistent execution of response playbooks and standard operating procedures
  • Coordinate cross-functional response efforts with DFIR, IT, legal, privacy, HR, and communications teams

Threat Detection & Monitoring
  • Ensure effective use and continuous improvement of security tooling such as SIEM, XDR, NDR, and threat intelligence platforms
  • Drive enhancements to detection use cases, alert fidelity, and automation
  • Evaluate emerging threats and attacker techniques and translate intelligence into actionable detection strategies

Metrics, Reporting & Governance
  • Define and track SOC KPIs and metrics (e.g., MTTD, MTTR, alert quality, coverage)
  • Provide clear, concise reporting to executive leadership on SOC performance, risk posture, and incident trends
  • Ensure SOC operations align with internal policies, regulatory requirements, and industry frameworks (e.g., NIST)

Strategy & Continuous Improvement
  • Develop and execute a multi-year SOC maturity roadmap aligned to business and risk priorities
  • Identify opportunities for process optimization, automation, and technology improvements
  • Participate in vendor evaluation, tool selection, and budget planning related to SOC capabilities
  • Support audits, tabletop exercises, and purple team activities

MINIMUM REQUIREMENTS
  • Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent practical experience
  • 8+ years of experience in cybersecurity operations, incident response, or threat detection
  • 3+ years of experience managing security teams or leading SOC operations
  • Hands-on experience with enterprise security tools (SIEM, EDR/XDR, and threat intelligence platforms)
  • Strong understanding of attacker tactics, techniques, and procedures (TTPs)
  • Proven ability to lead teams in high-pressure, time-sensitive environments
  • Excellent communication skills with the ability to brief technical and non-technical stakeholders

PREFERRED EXPERIENCE
  • Experience operating a SOC in a large, complex, or regulated enterprise environment
  • Relevant certifications such as CISSP, CISM, GCED, GCIH, or equivalent
  • Familiarity with cloud security operations (AWS, Azure, GCP)
  • Experience managing globally distributed or follow-the-sun SOC models
  • Prior experience supporting executive-level incident communications
