Cyber Security Consultant (Cyber Incident Response)

Cyber Security Consultant (Cyber Incident Response Manager)

Inside IR35 – Remote with occasional travel to London or Gloucester – 3‑month initial contract with potential to extend.

We’re supporting a major, zero‑carbon energy organisation at the forefront of building a secure and resilient energy future in the appointment of a Cyber Incident Response Manager.

High‑impact role focused on evolving and optimising an already established cyber incident management capability. The role is about transformation, governance, and embedding best‑in‑class incident management practices across a complex enterprise environment.

The Role

Sitting within the Enterprise IT function, you will lead the development and execution of the organisation’s Cyber Incident Management strategy, ensuring readiness across the full incident lifecycle – from preparation and detection through to response, recovery, and lessons learned.

You will work across technical and non‑technical teams, engaging senior stakeholders and external partners to ensure the organisation is fully prepared to respond to incidents ranging from routine events through to major crises impacting business continuity.

Key Responsibilities

• Define and deliver a multi‑tier Cyber Incident Management strategy, aligned to enterprise risk and integrated with wider incident and crisis frameworks.
• Drive the maturity and optimisation of the existing incident management function, identifying gaps and implementing improvements.
• Own and maintain the Incident Management standards, policies, and processes within the ISMS, ensuring alignment with best practice and regulatory expectations.
• Establish metrics, KPIs, and reporting to measure capability effectiveness and drive continuous improvement.
• Manage budgets and resource planning to support capability development and ongoing optimisation.
• Ensure comprehensive incident response and crisis management plans are in place across all levels of the organisation.
• Design and deliver a structured exercising programme (tabletop, simulation, red team scenarios) aligned to real‑world threats in the energy sector.
• Embed a culture of continuous learning, ensuring lessons learned are captured and translated into measurable improvements.
• Develop executive‑level communication strategies, including briefing packs and reporting frameworks for major incidents.
• Act as a key point of coordination during high‑severity incidents and crisis scenarios.
• Build and maintain strong relationships with internal stakeholders and external partners.
• Influence and engage senior leadership to ensure organisation‑wide alignment and readiness.

What Good Looks Like

• Proven experience in cyber incident response, crisis management, or incident management leadership roles.
• Demonstrated success in transforming or maturing an incident management capability within a complex organisation.
• Strong understanding of the incident management lifecycle, including preparation, detection, response, and post‑incident improvement.
• Experience operating within regulated or critical infrastructure environments (energy, utilities, government, etc.) is highly desirable.
• Ability to translate complex technical incidents into clear, actionable insights for senior stakeholders.
• Strong stakeholder management skills, with the ability to influence across technical and business teams.
• Familiarity with frameworks such as ISO 27001, NIST, or similar.

Why Apply

Opportunity to shape and evolve cyber resilience within a critical national infrastructure environment; high‑visibility role with direct impact on enterprise‑wide risk and operational continuity; strong focus on strategy, transformation, and continuous improvement, not just BAU operations; collaborative environment with access to senior leadership and key decision‑makers.

#J-18808-Ljbffr