Cyber Incident Response Consultant - Multiple Levels

Ibex Recruitment Ltd
Nottingham, United Kingdom
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Nottingham, United Kingdom

Tech stack

C
Microsoft Windows
Network Analysis
Linux
Network Forensics
Wireshark
Cloud Platform System
MITRE ATT&CK
SC Clearance

Job description

Cyberattacks don't wait, and neither do we. Our client is a top-tier global consulting firm with one of the UK's largest and most respected cyber practices, housing over 200 specialists. Their Cyber Incident Response team is on the front line, helping organisations prepare for, respond to, and recover from the threats that keep boards awake at night. They're hiring at every level, from hands-on forensic investigators to senior advisory leaders. If you thrive under pressure and want to work on incidents that make headlines, this is your opportunity.

Please note: All roles require at least eligibility for UK Security Check (SC) clearance. Existing clearance is highly advantageous.

What You'll Do

  • Lead and execute live incident response investigations, from forensic acquisition and root cause analysis to threat containment and eviction.
  • Perform host-based and network forensics across Windows, Linux, and cloud environments.
  • Design and deliver proactive IR services including playbooks, readiness assessments, wargames, and C-Suite training.
  • Manage client engagements end-to-end, balancing technical delivery, project governance, and senior stakeholder relationships.
  • Drive business development through proposals, pitches, and go-to-market initiatives.
  • Mentor colleagues and contribute to the growth and eminence of the practice.

Requirements

Three distinct profiles are being recruited. SC clearance eligibility is mandatory for all:

Technical Incident Responders (Consultant - Senior Consultant): Proven hands-on IR and forensic investigation experience, including host and network analysis. Proficiency with tools such as KAPE, Magnet Axiom, Volatility, or Wireshark. Strong grasp of MITRE ATT&CK and the full incident response lifecycle. Certifications like GCFA, GCIH, or 13Cubed are a plus.

Technical IR Leaders (Senior Manager - Associate Director): All of the above, plus experience leading complex breach investigations and multi-disciplinary teams. A consulting, MSSP, or systems integrator background with proven client delivery and business development skills. Equally confident in a war room and the boardroom.

IR Advisory & Incident Management Leaders (Senior Manager - Associate Director): Deep expertise in incident and crisis management, IR plan and playbook development, and wargame facilitation. Strong programme management, commercial acumen, and C-Suite communication skills. Experience leading business development and delivering advisory engagements essential. Hands-on forensics not required, but a solid understanding of attacker techniques is expected.

Benefits & conditions

  • Exposure to the most complex, high-profile breaches and advisory engagements across every industry.
  • World-class development through a dedicated training curriculum, technical mentorship, and career coaching.
  • Flexible hybrid working across the UK.
  • An inclusive team culture where diverse backgrounds are genuinely valued.
  • Clear career pathways and a competitive package that rewards your expertise.
