Cyber Incident Response Consultant

Nihon Cyber Defence (NCD)area global cyber security company protecting and supporting critical national infrastructure, governments, largeorganisationsand small, medium enterprises (SMEs) from the increasing impact of debilitating cyber-attacks, which continue to increase in frequency and complexity.

Ourspecialist cyber security consultancyteamprovidea full range of services to support and enhance the cyber securityresilienceof organisations globally, rapidly dealing with the fallout and management of cyber incidents.

NCD are headquartered in Tokyo, Japan withoperations supported by a global teambased in various locations inEurope,UK, and Asia. Thisensures that NCD can provide 24/7 incident response and management services.

We are an accredited provider forIncident Response Provider and Assured Cyber Incident Exercise Providerby theUK’sNational Cyber Security Centre (NCSC).

The Role

This is an exciting opportunity to join ourIncidentManagementteam andestablishyourself as an expert!

We are looking for a skilled and proactiveCyber IncidentResponseConsultantto join ourglobalcybersecurity team. In this mid-level rolewhereyou’dbe accountable to both clients and internal stakeholders. You will play a critical partresponding to our client’s needsin detecting, analysing, and responding to cybersecurity incidents.You’llwork closely with securityconsultants,incident commandersandleadershipstakeholdersboth internal to NCD and client-sidetocontainthreats,understand andminimise impact, andcarry out forensic analysis.

This role will require you to be on-site at our Belfast or Dublin office. There may be a need for frequent travel between our offices, client sites, and the possibility of international travel as required by the business. You must have the right to live and work in the UK or Ireland to apply for this role.

Key Responsibilities:

• Incident Detection & Response:Investigate and respond toretained and non-retained clients during an incident
• Threat Analysis:Perform in-depth analysis of logs, network traffic, and endpoint data toidentifyindicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).
• Containment & Remediation:Lead containment, eradication, and recovery efforts during active incidents, ensuring minimal disruption to business operations.
• Forensics & Root Cause Analysis:Conduct forensic investigations and post-incident reviews todeterminethe origin and impact of security breaches.
• Collaboration:Work within-house client teams, MSPs,and communications teams to coordinate incident response and reporting.
• Documentation:Maintaindetailed incident records, timelines, and reports forclients,internalstakeholdersand regulatory compliance.
• Continuous Improvement:Contribute to the development and refinement of incident response playbooks, detection rules, and security tools.
• Threat Intelligence Integration:Leverage threat intelligence to enhance detection and response strategies.

Requirements:

• Required:3–5 years of experience in cybersecurity, with at least 2 years in incident response or SOC roles.
• Required:Strong knowledge of security tools andgeneral securitytechnologies (e.g., SIEM, EDR, IDS/IPS, firewalls).
• Desired:Familiarity with MITRE ATT&CK framework and common attack vectors.
• Required:Experience with forensic tools and techniques (e.g., memory analysis, disk forensics, log analysis)for on-prem, hybrid and cloud environments.
• Required:Understanding of network protocols, operating systems (Windows, Linux), and cloud environments.
• Required:Ability to work under pressure and manage multiple incidents simultaneously.
• Required:Strong written and verbal communicationability.
• Required:Excellent analytical, communication, and problem-solving skills.
• Desired:Certifications (e.g., GCIH, GCFA, CEH, OSCP)would beadvantageous.
• Desired:Bachelor’s degree in computer science or cyber security.