Cyber Security SME

Role overview:

We are Hiring an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible to conduct a comprehensive maturity assessment of 3PLs existing IR capabilities using the CREST CISR Maturity Assessment Model. The assessment will evaluate:

  • People – skills, roles, responsibilities, and training
  • Processes – IR plans, policies, playbooks, communication and escalation
  • Technology – tooling, detection capabilities, SIEM, automation
  • Metrics & Reporting – tracking, lessons learned, and performance reporting.

Your responsibilities:

  • Discovery
  • Configure and scope the CREST CISR assessment (including weighting), with stakeholder sign-off
  • Gather information and evidence through:
  • Workshops and stakeholder interviews
  • Documentation review
  • Access to IR tooling and data
  • Assessment
  • Complete the CREST CISR Detailed Maturity Assessment Tool, including supporting commentary and evidence across all domains (criticality, threat analysis, controls, identification, response, recovery, reporting, etc.)
  • Reporting
  • Completed assessment tool with evidence links and results
  • A formal IR Maturity Assessment report summarising methodology, findings, and outcomes
  • Outcome should address
  • Completeness – full coverage of assessment areas with supporting evidence
  • Accuracy – correct reflection of the IR maturity
  • Quality – clear, structured reporting suitable for both technical and non-technical audiences, and reusable for future assessments

Your Profile

Essential skills/knowledge/experience:

  • In-depth experience in conducting IR assessment using CREST assessment model - Mandatory
  • Proven consulting experience (typically 10+ years) in incident response, SOC operations, cybersecurity and GRC.
  • Demonstrated ability to produce high-quality IR documentation and playbooks for medium-to-large organisations.
  • Deep understanding of modern threat actors, attack methodologies, and incident response lifecycle.
  • Exceptional written communication skills and ability to deliver polished, structured documentation.
  • Ability to work independently, meet deadlines, and drive deliverables with minimal supervision.

Desirable skills/knowledge/experience:

  • GCIH, GCFA, CISSP, or equivalent security certifications.
  • Experience working within regulated sectors (financial services, healthcare, government, critical infrastructure).
  • Prior participation in or leadership of real-world cyber incident response activities.
  • Familiarity with identity governance, EDR platforms, SIEM tooling, and cloud security architecture.
Apply Now
Apply Now

Job Details

Company
Gazelle Global
Location
London Area, United Kingdom
Posted