Senior Cyber Incident Response Consultant
Thanks for checking out our job opening; we are excited that you are interested in learning more about NCC Group. We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.
We aim to create an environment where everyone can reach their full potential. We work
together, we are brilliantly creative, we embrace difference and we want you to join in our
mission, as a Senior Cyber Incident Response Consultant.
Take a look at our website here to learn more about why we're one of the leading global Cyber
Security and Risk Mitigation business...https://www.nccgroup.com/uk/
Our well-established team are looking for a Senior Cyber Incident Response Consultant to join them. In the role you will collaborate with various individuals and divisions within our the business including the Cyber Incident Response Team, Threat Intelligence teams, Security Operations Centre teams, and our esteemed Red Team.
We have several offices throughout the UK - Manchester, Leeds, Leatherhead, Milton Keyes,
Cheltenham and Edinburgh. Therefore, we can accommodate you, no matter where you are based in the UK.
What would a typical day look like?
Well, that ultimately depends on your skillset. Our clients range from some of the largest global
enterprises, to some of the smallest local firms, so each job is vastly different. So rather than telling you what a typical day looks like, we'll explain a few of our commercial service lines.
• Reactive - Incident Response - In the trenches, on the front line of detecting and defending
customers as they experience a breach or emerging threats.Proactive - Compromise
Assessments & Threat Hunts, hunting for the unknown and identifying deeply rooted threat
actors in customer networks. Watching, learning and then mitigating the threat.
• Threat Intelligence - Tracking malicious threat actors and campaigns to provide actionable
intelligence for our Incident Response and Compromise Assessments. Disseminating this Intel
to our wider security teams ensuring that our managed service customers are covered against
the latest techniques, tactics and procedures.
If successful, we'd expect you to responding to or supporting incident response engagements;
conducting proactive services such as Compromise Assessments, Purple Teaming or Cyber Security Consultancy; or enabling our research and threat intelligence helping us to develop and improve our capability.
As NCC Group strive to support clients with quality expertise and knowledge, we would like you to have reasonable knowledge across multiple areas, which includes prior experience of working on incident response engagements where an advanced attacker or state sponsored group is desirable.
Who are we looking for and what will you be doing in the role?
As a CIRT team member, you will be involved with a variety of engaging and stimulating client work that will take place on-site and remotely and will include:
• Delivering technical tasks on our engagements
• Emergency incident response - mitigation and remediation.
• Calm and collected client Incident Management
• Delivering high quality technical investigations to clients
• Assist in the identification, resolution and documentation of security incidents.
• Intelligence driven investigative analysis
• The ability to discuss wider technology and security posture with a client ultimately to perform Cyber Threat Readiness reviews.
Additionally the following would be beneficial to the role:
• Capable to deliver Cyber First responder and forensic training courses.
• Ad hoc IR and forensic advice and consultancy
• Understanding of Mitre ATT&CK framework
• Practical network attack experience
• Experience in Network monitoring
What will you get in return?
At NCC Group we pride ourselves on our capability to offer you the career that you want and where you want to take it. Whether that be long term progression opportunities, guaranteed research time or continuous technical and non-technical training, the opportunities here are endless.
In addition to this we offer:
• Flexible working - Wherever your base location/office might be, remote/office working
opportunities are available for individuals who live further away (talk to our careers advisors for more information about this)
• Monthly tech team presentations and socials along with capture the flag team opportunities
• Annual two day internal security conference NCCCon (The last one was in Portugal in January
• Opportunities to go to BlackHat and DefCon in Las Vegas
• Opportunities for international travel if desired
• Generous car allowance / selection of vehicles
• Bonus for working on client sites
• Bonuses for significant contributions to research and delivery
• Skills qualification allowances
• Variation of work across all sectors, technologies and engagement types with opportunities
including potential secondments (if of interest) through to management of multi-month technicalengagements and teams of consultants.
• Ability to innovate and be recognised and rewarded for such
• Mentoring opportunities by senior leadership