General Manager – DFIR

Job Title: General Manager DFIR

Location: India - Ahmedabad

Reporting to: Head Digital Forensics and Incident Response

Department: Cybersecurity Services Digital Forensics and Incident Response

Qualifications & Certifications:

• Bachelors or Masters in Cybersecurity, Computer Science, or related fields
• Preferred certifications: GCFA, GCFE, CHFI, CISSP, or equivalent
• 14 + years of cybersecurity experience with minimum 5 years in DFIR leadership roles
• Experience managing DFIR services for critical infrastructure or consulting environments

Role Overview:

The General Manager DFIR will lead and execute advanced digital forensic investigations and manage end-to-end incident response operations across complex OT and IT environments. The role entails responsibility for managing technical DFIR teams, engaging with enterprise and industrial clients, and ensuring high-impact resolution to cybersecurity breaches, insider threats, APT activity, and ransomware incidents. The role requires developing technical playbooks, incident readiness frameworks, and forensic capabilities aligned with global standards and industrial needs.

Key Responsibilities:

• Lead forensic investigation and root cause analysis of cyber incidents across OT/ICS and IT environments
• Coordinate incident response activities, manage breach containment, and ensure recovery compliance
• Develop and maintain playbooks, SOPs, and readiness frameworks for both proactive and reactive DFIR measures
• Build and manage forensic labs and tooling infrastructure for memory, disk, network, and cloud forensics
• Interface with client CISO teams and legal/compliance teams during forensic escalations
• Mentor and lead junior investigators and ensure skill development through hands-on training
• Drive continuous improvement initiatives in forensic collection, chain of custody, and evidence handling procedures
• Support expert testimony, litigation response, and legal documentation when required
• Collaborate with red, blue, and purple teams for integrated threat mitigation strategy
• Conduct forensic workshops, table-top exercises, and readiness assessments for clients
• Liaise with global OEMs and DFIR product partners for capability enhancement

Required Skills and Tools:

• Proficient in: EnCase, FTK, Magnet AXIOM, Autopsy, Volatility, Wireshark
• Experience with EDR/XDR platforms (e.g., CrowdStrike, SentinelOne, Carbon Black)
• Familiarity with OT forensic challenges – including air-gapped ICS/SCADA systems
• Understanding of MITRE ATT&CK, cyber kill chain, and attacker TTPs
• Hands-on with cloud forensics (AWS, Azure, GCP)
• Deep knowledge of ICS protocols like Modbus, DNP3, OPC-UA, etc.

Personality Traits & Leadership:

• Strong analytical and detail-oriented mindset
• Strategic thinking with calmness under pressure
• Proven leadership in crisis situations and stakeholder communication
• Strong team management and mentorship capability
• Collaborative and cross-functional coordination with SOC, engineering, legal, and client teams

Preferred Industry Background:

• OT OEMs (e.g., ABB, Schneider, Siemens, Yokogawa)
• IT OEMs (e.g., Cisco, Palo Alto, Fortinet)
• Consulting (e.g., EY, Deloitte, KPMG, PwC)
• Industrial sectors (Power, Ports, Mining, Oil & Gas, Airports)

Kindly email your CV to Mansi.Namdev1@adani.com