Cyber Security Incident Response Consultant

Incident Response Consultant

International Cybersecurity Consultancy | £70,000 (DOE) | SC Clearance Eligibility Required

A Unique Opportunity to Make Global Impact

Join an international cybersecurity consultancy delivering critical incident response solutions to government agencies and enterprise clients worldwide. This is hands-on, high-impact work-respond to real breaches, build IR capabilities from the ground up.

The Work That Matters

Government & International Development

• Support government cybersecurity programmes building incident response capabilities in partner nations
• Investigate cyber incidents, design IR infrastructure, and recommend security solutions for government agencies

Enterprise Incident Response

• Respond to ransomware outbreaks, data breaches, and nation-state compromises
• Investigate attack vectors, analyse malicious code, contain threats, and guide recovery

Capability Building

• Create customized incident response playbooks and procedures for organizations
• Analyse emerging threats using MITRE ATT&CK Framework and develop detection signatures

What Makes This Different

• Real-world impact - Strengthen cybersecurity in developing nations, protect critical infrastructure, help organizations recover from devastating attacks
• International exposure - Deliver projects across Europe, Middle East, Africa and beyond (2-3 weeks per quarter)
• Variety - Respond to ransomware one month, train law enforcement the next, design SOC workflows after that
• Autonomy - Work independently, engage directly with senior officials and executives, make technical decisions on-site
• Build capabilities that last - Your work transforms organizations' security posture for years to come

What You'll Do

• Respond to active incidents: investigate, contain, eradicate, and recover from breaches
• Design and implement IR processes, playbooks.
• Deliver hands-on training to law enforcement, government, and corporate security teams globally
• Utilize EDR (CrowdStrike, Defender), SIEM (Sentinel, Splunk), and vulnerability management tools (Qualys)
• Participate in technical working groups addressing cybersecurity challenges
• Build trusted relationships with clients during high-pressure situations
• Communicate complex technical issues to diverse audiences including government officials and C-suite

Who You Are

• Hands-on incident response experience (investigation, containment, eradication, recovery)
• Practical experience with EDR platforms, SIEM solutions, and security analysis tools
• Ability to work autonomously under pressure
• Strong communication skills- explain technical concepts to non-technical audiences
• Comfortable teaching and mentoring
• Eligible for SC clearance (or currently hold active clearance)
• Willing to travel internationally (approx 12 weeks annually)

Valuable Experience

• SOC operations or threat hunting background
• Training delivery experience
• Vulnerability management (Qualys, Tenable)
• Security certifications (GCIH, GCFA, CISSP, CEH, SANS)
• International or cross-cultural work experience

Compensation & Benefits

• £70,000 salary (depending on experience)
• 25 days holiday + bank holidays + 1 day per year of service (up to 30 days)
• Private healthcare, health cash plan, Employee Assistance Programme
• Clear progression plans
• Remote working when not traveling

Ready to Make Global Impact?

If you're an experienced incident responder looking for international exposure, meaningful work, and the opportunity to build lasting capabilities for governments and enterprises worldwide, we want to hear from you. Please note this role will require you to be operate internationally outside the UK approx 12 weeks annually.

Apply now with your CV or reach out to Gary Billings for a confidential conversation.

We welcome applications from all backgrounds. If you don't meet every requirement but are excited about the opportunity, please apply anyway.