Managing Consultant - Incident Response Management

**Senior Security Consultant – Incident Response Management****Cheltenham/Manchester - Hybrid working with travel to client sites**In this role at NCC Group you’ll help clients design, refine, and test their incident management capabilities through pragmatic planning and immersive tabletop exercises. You’ll shape crisis response frameworks that work under real pressure, strengthen leadership decision-making, and ensure clients are confident in their readiness to respond to cyber incidents.This is a role where your expertise directly improves resilience and recovery outcomes for major organisations across multiple sectors.**What you’ll do*** **Design and deliver incident management frameworks:** Build and enhance incident management and crisis response plans aligned to best practice (NIST, ISO 27035, ISO 22301).* **Lead Silver-level tabletop exercises:** Facilitate engaging, scenario-based workshops for leadership teams, simulating real-world cyber events to test strategy, communication, and coordination.* **Assess and uplift readiness:** Conduct gap analyses and maturity assessments to identify strengths and improvement areas across people, process, and technology.* **Develop tailored playbooks:** Create clear, actionable incident management playbooks and decision trees that integrate with technical and operational response teams.* **Coordinate with technical teams:** Work with SOC, IR, and resilience specialists to ensure incident response and escalation paths are aligned.* **Engage stakeholders:** Provide trusted advisory to executive, operational, and technical audiences; translate technical impact into clear business decisions.* **Capture lessons learned:** Produce post-exercise reports and improvement roadmaps that drive measurable maturity gains.* **Mentor and share expertise:** Support junior consultants and contribute to internal knowledge bases and client-facing collateral.**What you’ll bring*** Strong experience in **incident management**, **crisis management**, or **cyber resilience consulting**, ideally within complex or regulated environments.* Proven background designing and running **tabletop exercises**, particularly at **Silver (tactical/managerial)** level.* In-depth knowledge of incident response lifecycle principles (prepare, detect, respond, recover, learn).* Familiarity with frameworks such as **NIST CSF**, **ISO 27035**, **ISO 22301**, and **NCSC guidance**.* Excellent facilitation and communication skills — confident leading workshops and debriefs with senior stakeholders.* Strong written reporting ability, with a focus on clarity, prioritisation, and actionable outcomes.* Consulting experience including stakeholder management, requirements gathering, and presentation of findings.**Nice-to-haves (not show-stoppers)*** Experience facilitating **Gold-level (strategic)** exercises or broader business continuity workshops.* Understanding of **communications and media management** during cyber incidents.* Exposure to **incident response operations** or **SOC environments**.* Certifications such as **ISO 22301 LA/LI**, **CISM**, **CISSP**, or **PRINCE2**.**How we work*** **Real-world focus.** We prioritise practical, evidence-based improvements over theoretical frameworks.* **Collaborative culture.** You’ll partner with cyber, continuity, and crisis experts across NCC Group’s global network.* **Continuous learning.** We encourage you to experiment, research, and grow your expertise.* **Inclusive and supportive.** We embrace diverse perspectives and flexible working styles.**About NCC Group**We’re a global cyber security and resilience company with 2,000+ colleagues supporting 15,000 customers across the UK, North America, Europe, APAC and the Middle East. Our mission is to help organisations protect their brand, value, and reputation in an ever-evolving threat landscape. We invest in our people and operate with fairness, creativity, and respect.**Inclusion & accessibility**We’re committed to diversity, equity, and flexibility. If you need reasonable adjustments at any stage, please let us know. Your personal data will be handled in line with our Privacy Policy. If you’d prefer us not to retain your details for future opportunities, please contact global.ta@nccgroup.com.If this sounds like you, we’d love to hear from you. We value curiosity, adaptability, and the drive to make a difference.**Applications are open until the 4th of January,** so don't hesitate - we're looking forward to speaking with you in the new year!**\*\*\* Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process \*\*\***