Cyber Security Consultant (Cyber Incident Response)

Cyber Security Consultant (Cyber Incident Response Manager) - Inside IR35 - Remote with occasional travel to London or Gloucester - 3 Months initial contract with potential to extend.

We're supporting a major, ZERO CARBON energy organisation at the forefront of building a secure and resilient energy future in the appointment of a Cyber Incident Response Manager.

This is a high-impact role focused on evolving and optimising an already established cyber incident management capability. You'll take ownership of the strategy, maturity, and continuous improvement of the organisation's incident response and crisis management function-ensuring it is robust, scalable, and aligned to the threat landscape facing critical national infrastructure.

This is not a purely operational role. It's about transformation, governance, and embedding best-in-class incident management practices across a complex enterprise environment.

The Role -

Sitting within the Enterprise IT function, you will lead the development and execution of the organisation's Cyber Incident Management strategy, ensuring readiness across the full incident lifecycle-from preparation and detection through to response, recovery, and lessons learned.

You'll work across technical and non-technical teams, engaging senior stakeholders and external partners to ensure the organisation is fully prepared to respond to incidents ranging from routine events through to major crises impacting business continuity.

Key Responsibilities-

Strategy, Transformation & Governance - 

• Define and deliver a multi-tier Cyber Incident Management strategy, aligned to enterprise risk and integrated with wider incident and crisis frameworks
• Drive the maturity and optimisation of the existing incident management function, identifying gaps and implementing improvements
• Own and maintain the Incident Management standards, policies, and processes within the ISMS, ensuring alignment with best practice and regulatory expectations
• Establish metrics, KPIs, and reporting to measure capability effectiveness and drive continuous improvement
• Manage budgets and resource planning to support capability development and ongoing optimisation

Preparedness & Exercising - 

• Ensure comprehensive incident response and crisis management plans are in place across all levels of the organisation
• Design and deliver a structured exercising programme (tabletop, simulation, red team scenarios) aligned to real-world threats in the energy sector
• Embed a culture of continuous learning, ensuring lessons learned are captured and translated into measurable improvements

Crisis Management & Stakeholder Engagement - 

• Develop executive-level communication strategies, including briefing packs and reporting frameworks for major incidents
• Act as a key point of coordination during high-severity incidents and crisis scenarios
• Build and maintain strong relationships with internal stakeholders and external partners
• Influence and engage senior leadership to ensure organisation-wide alignment and readiness

What Good Looks Like -

• Proven experience in cyber incident response, crisis management, or incident management leadership roles
• Demonstrated success in transforming or maturing an incident management capability within a complex organisation
• Strong understanding of the incident management lifecycle, including preparation, detection, response, and post-incident improvement
• Experience operating within regulated or critical infrastructure environments (energy, utilities, government, etc.) is highly desirable
• Ability to translate complex technical incidents into clear, actionable insights for senior stakeholders
• Strong stakeholder management skills, with the ability to influence across technical and business teams
• Familiarity with frameworks such as ISO 27001, NIST, or similar

Why Apply?

• Opportunity to shape and evolve cyber resilience within a critical national infrastructure environment
• High-visibility role with direct impact on enterprise-wide risk and operational continuity
• Strong focus on strategy, transformation, and continuous improvement, not just BAU operations
• Collaborative environment with access to senior leadership and key decision-makers