Cyber Incident Response

Warwick Hybrid - Inside IR35
International Business Solutions Consulting Limited
Radford Semele, United Kingdom
5 days ago

Role details

Contract type
Temporary to permanent
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior

Job location

Radford Semele, United Kingdom

Tech stack

Computer Security
Supervisory Control and Data Acquisition (SCADA)
MITRE ATT&CK
QRadar
Cybercrime
Microsoft Sentinel
Splunk

Job description

We are looking for an experienced Cyber Security Incident Response Specialist to join a high-impact security programme supporting the resilience of UK critical national infrastructure (CNI).

You'll join a team responsible for responding to cyber threats across both cyber and physical domains - helping to manage the full incident lifecycle, improve response maturity, and develop scalable IR documentation and exercises.

This is a specialist role for someone with real-world IR experience and the ability to assess, escalate, and coordinate technical and business responses.

  • Lead or support incident response (IR) activities across the full lifecycle: detection, triage, containment, eradication, recovery, and lessons learned
  • Develop and maintain IR playbooks, plans, and post-incident reports
  • Support post-incident reviews, including root cause analysis (RCA) and lessons learned sessions
  • Design and deliver incident response exercises (eg tabletop simulations)
  • Act as a subject matter expert (SME) for incident response processes and frameworks
  • Collaborate with SOC teams, technical SMEs, and non-technical stakeholders
  • Communicate IR outcomes effectively via reports, presentations, and briefings
  • Build working relationships across internal security functions and external CNI/regulatory stakeholders

Requirements

  • Strong, recent experience in cybersecurity incident response
  • Ability to make informed decisions during incidents (triage, escalate, communicate)
  • Experience working in Critical National Infrastructure (CNI) sectors - eg utilities, energy, telco, banking, health, defence, or transport
  • Working knowledge of NIST, MITRE ATT&CK, or equivalent frameworks
  • Proven ability to communicate IR findings to technical and non-technical audiences
  • Experience contributing to or owning IR playbooks, SOPs, or RCA documentation
  • Must hold current SC clearance or have been previously cleared within the last 12-18 months (or eligible for clearance)

Desirable Skills (Nice-to-Have):

  • Experience within the energy or utilities sector
  • Exposure to OT/ICS environments (eg SCADA, PLCs, DCS)
  • Experience delivering or supporting tabletop IR exercises
  • Familiarity with tools like Microsoft Sentinel, Defender, Splunk, QRadar, Tenable, CrowdStrike, etc.
  • Industry certifications such as CISSP, GCFA, GEIR, CCIM, CISM, CEH, or equivalent
