Skip Navigation


OR Match jobs with LinkedIn

Any information we receive from LinkedIn is determined by LinkedIn and your privacy settings thereon. Duff & Phelps is not responsible for the privacy practices of any non-D&P operated websites. We will process any data we receive in accordance with our privacy policy.


Vice President, Cyber Risk

Job ID 20000662 Agrate Brianza, Italy

Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients. As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same. That means when you take your place on our team, you’ll discover a supportive and collaborative work environment that empowers you to excel. If you’re ready to share your perspective with the world, then you can make a real impact here. This is the Duff & Phelps difference.


At Duff & Phelps, your work will help protect, restore and maximize value for our clients. Join us and together we’ll maximize the value of your career.

Role overview:

Incident Responders at Vice President level are responsible for managing and delivering client engagements, responding to cyber incidents on behalf of our clients. Vice Presidents have complete responsibility for managing complex incidents, client communications and ensuring we deliver an excellent level of service.

Personal attributes

  • Rounded interpersonal skills with an ability to communicate to both the board and technical staff
  • Able to produce excellent quality, client focussed reports written in business language, in English.
  • Able to speak the regional language and English fluently.
  • Work exceptionally well under pressure, in sometimes pressured conditions on client site.
  • Be available to respond to clients and travel at short notice
  • Display a level of commercial awareness, leading to an ability to reliably scope and cost inbound work.
  • Be able to present work precisely, concisely, accurately and in an engaging way to clients and conferences.
  • Ideally, be a CREST certified incident responder. Have a track record of attending SANS training.
  • Ability to support business development opportunities across the Kroll Incident Response portfolio of services

Technical attributes

  • Track record of excellence in delivering reactive incident response services in a client facing capacity
  • Experienced in the delivery of pro-active incident response services (IR Plan development, TableTop Exercises etc.)
  • Wide knowledge of the digital threat landscape.
  • Understand how corporate infrastructure is implemented and have the skills and experience to identify likely modes of attack based on experience and knowledge of threat
  • Be able to identify an adversary’s approach to an attack through:
    • Excellent knowledge of conducting efficient and thorough host system analysis and triage including digital forensic principles and practices.
    • Excellent knowledge of network forensics and capturing data from live environments.
    • Excellent knowledge of Cyber Incident Response processes and procedures, as applied in the real-world.
    • Excellent detailed knowledge of the Windows platform, along with the fundamentals of UNIX systems, including MacOS and Linux distributions.
    • Conducting basic analysis of the behaviour of malware and produce actionable intelligence from said analysis.
    • Be familiar with a wide range of threats, the kind of digital footprints left behind by an adversary, where to search for evidence and be familiar enough with a wide range of enterprise IT systems to know where to look for low hanging fruit.
    • Conduct log analysis using standard tools (e.g. Splunk)
    • Ideally, be familiar with (and have operational knowledge of) at least one threat hunting platform such as Carbon Black.
    • Knowledge of virtualisation platforms and how to forensically acquire data from these sources.
  • Have experience in establishing containment and tactical remediation measures against a wide range of threats, scenarios and configurations.
  • Understand how to help clients eradicate threats from their environment, leading to strategic remediation and recommendations for improvement.
  • Manage and implement evidential procedures within the scope of an engagement, such as integrity management and chain of custody.
  • Ability to manage and lead resources in complex engagements
  • Knowledge of at least 1 scripting/programming language (i.e. Python, Go, Perl etc.)
  • Ideally, undertake self-directed research into cyber threats.

In order to be considered for a position at Duff & Phelps, you must formally apply via 


Duff & Phelps is committed to equal opportunity and diversity, and recruits people based on merit.

In order to be considered for a position at Kroll, you must formally apply via

Duff & Phelps is committed to providing equal opportunities in employment. We will not discriminate between applications for reason of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

Similiar Jobs

By entering your city, state and zip we can better target communications to your location.