×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Incident Response Recovery Specialist

Job in Glasgow, Glasgow City Area, G1, Scotland, UK
Listing for: CYFOR group
Full Time position
Listed on 2026-06-07
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 45000 - 55000 GBP Yearly GBP 45000.00 55000.00 YEAR
Job Description & How to Apply Below

Salary: £45,000 to £55,000 depending on experience
Location:Remote (Hybrid)

Job Description

CYFOR is a leading nationwide provider of cyber security services, digital forensics and eDiscovery. We support clients across a wide range of sectors, including law firms, insurance providers and law enforcement agencies. As our cyber security services continue to grow, we are looking for talented technical specialists who can make a meaningful impact for our clients.

At CYFOR, we value people who are passionate about technology, think critically, communicate well and can make a real difference in challenging situations. Our people are what make CYFOR great, and as they grow, so do we.

If you are looking for a varied and highly rewarding technical role, working with great colleagues in a supportive and fast-moving environment, we would like to hear from you.

The Role

We are looking for an experienced Incident Response – Recovery Specialist to join our incident response team. This is a hands‑on technical role focused on helping clients recover from cyber incidents, restore critical services, rebuild infrastructure where necessary, and return to business‑as‑usual as safely and efficiently as possible.

While the role is primarily aligned to incident response work, it is not limited to live incidents alone. In addition to supporting clients during recovery engagements, you may also assist with ongoing incident response retainers, recovery readiness activities, backup health and restore assurance, and internal technical improvement projects.

This role is well suited to candidates with strong engineering fundamentals who may already work in, or come from, roles such as Infrastructure Engineer, Cloud Engineer, Platform Engineer, Backup / DR Engineer, or Network Engineer. We recognise that the right person may not come from a pure DFIR background, but will instead bring deep technical experience in designing, rebuilding, securing and supporting business‑critical systems.

Success in this role will depend on your ability to quickly assess unfamiliar environments, ask the right probing questions, work methodically under pressure, and restore key systems even where documentation is limited or unavailable. In some cases, where backups are not viable, you will be expected to help rebuild core systems and services from scratch.

Key Responsibilities

The main responsibilities for the role will include:

  • Assisting clients with infrastructure remediation, recovery and rebuilds following a cyber incident.
  • Supporting the restoration of critical business services in both on‑premise and cloud environments.
  • Rebuilding key systems from scratch where recovery from backup is not possible or not appropriate.
  • Collaborating with incident response investigators to support containment, remediation and longer‑term resilience.
  • Supporting clients with ongoing incident response retainers and proactive recovery readiness activities between incidents.
  • Monitoring backup health, supporting restore validation, and helping clients improve recovery confidence and resilience.
  • Segmenting infrastructure during a cyber incident to support containment and safe restoration.
  • Collecting and preserving relevant technical evidence, such as firewall, endpoint, authentication and system logs.
  • Supporting Microsoft 365 tenant hardening, Entra / identity recovery, Exchange recovery or migration activities, VMware and Hyper‑V recovery, and firewall rebuilds or rule reviews where required.
  • Automating recovery and administrative tasks using Power Shell and other relevant scripting or command‑line tools.
  • Contributing to internal projects such as automation and tooling, recovery runbooks, backup validation and testing, internal lab development, service improvement initiatives, and internal infrastructure or security projects.
  • Using sound judgement, structured troubleshooting, critical thinking, and appropriate AI‑assisted tooling to improve efficiency, analysis and documentation where suitable.
Essential Skills and Experience

The ideal candidate will have strong practical experience in a number of the following areas:

  • Windows server infrastructure, including Active Directory, Domain…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search