Cyber Security Incident Response Consultant

Salary: £35,000 - 50,000 per year

• Solid understanding of networking concepts, operating systems and common attack techniques
• Practical experience using security tooling such as SIEM, EDR, IDS/IPS and firewall technologies
• Hands-on knowledge of forensic methods across Windows, Linux and cloud platforms
• Good understanding of common attack types, including ransomware and phishing, and how they are detected and responded to
• A methodical, analytical approach to problem solving
• Ability to remain calm and effective when working under pressure
• Strong written and verbal communication skills
• 3-5 years experience working in cyber security, with exposure to incident response or SOC environments
• Must be eligible for UK security clearance due to the nature of client engagements
• One or more recognised incident response or forensic certifications (GCIH, GCFA, GCIA, GNFA, GCFR)
• Defensive and detection-focused certifications such as CySA+ or BTL2
• Cloud security certifications (AWS or Azure security-focused) are advantageous
• Demonstrated commitment to continuous professional development within incident response

• Support organisations through cyber incidents by coordinating response activities in line with established incident response frameworks and undertaking technical investigations.
• Analyse logs, endpoint telemetry and network data to identify malicious activity and understand attacker behaviour throughout the incident lifecycle.
• Assist with containment, eradication and recovery activities, advising clients on technical actions while working alongside internal teams and third-party providers.
• Conduct forensic investigations and post-incident reviews to determine root cause, scope of compromise and business impact.
• Engage with client stakeholders, managed service providers and communications teams to ensure a coordinated and effective response.
• Produce clear and accurate incident documentation, including timelines, technical findings and executive-level reports.
• Contribute to the continuous improvement of incident response playbooks, tooling and investigative techniques.
• Incorporate threat intelligence to enhance investigations and strengthen future detection and response strategies.
• Support proactive consultancy activities such as incident response exercises, client briefings and industry events.

• AWS
• Azure
• Cloud
• Firewall
• Support
• Linux
• Network
• Security
• Windows
• Active Directory
• Splunk

We are a highly respected global cyber security organisation delivering incident response and cyber advisory services at the highest level of technical and professional excellence. We support clients across multiple sectors during complex, business-critical cyber incidents, guiding them from initial detection through containment, recovery and post-incident assurance. Our team brings deep expertise across incident response, digital forensics and threat intelligence, and we operate in high-pressure environments where precision, clarity and sound judgement are essential.

This is an office-based role in Belfast, and we are looking for someone prepared to relocate. We offer a collaborative, expert-led consultancy environment with structured training, mentoring and certification pathways to help our people learn, grow and develop.

last updated 26 week of 2026