Senior Security Consultant (Incident Response Management)

TL;DR

Senior Security Consultant (Incident Response Management): Design and deliver incident management frameworks, lead tabletop exercises, and assess cyber resilience for major organisations with an accent on crisis response planning and stakeholder engagement. Focus on facilitating Silver-level exercises, developing tailored playbooks, and improving incident readiness in complex environments.

Location: Hybrid working in Cheltenham, Manchester, or London with travel to client sites in the UK

Company

hirify.global is a global cybersecurity and resilience company supporting 15,000 customers across multiple regions with a mission to protect organisations' brand and reputation.

What you will do

• Design and enhance incident management and crisis response plans aligned with NIST, ISO 27035, and ISO 22301.
• Lead Silver-level tabletop exercises simulating real-world cyber events for leadership teams.
• Conduct gap analyses and maturity assessments to improve readiness across people, process, and technology.
• Create actionable incident management playbooks and decision trees integrated with technical teams.
• Coordinate with SOC, IR, and resilience specialists to align response and escalation paths.
• Provide advisory to executive and operational stakeholders and produce post-exercise improvement reports.

Requirements

• Must have strong experience in incident management, crisis management, or cyber resilience consulting within complex or regulated environments.
• Proven ability to design and run Silver-level tabletop exercises.
• Knowledge of incident response lifecycle and relevant frameworks (NIST CSF, ISO 27035, ISO 22301, NCSC guidance).
• Excellent facilitation, communication, and reporting skills for senior stakeholders.
• Consulting experience including stakeholder management and requirements gathering.
• Background clearance is mandatory due to the nature of the work.

Nice to have

• Experience with Gold-level (strategic) exercises and business continuity workshops.
• Understanding of communications and media management during cyber incidents.
• Exposure to incident response operations or SOC environments.
• Certifications such as ISO 22301 LA/LI, CISM, CISSP, or PRINCE2.

Culture & Benefits

• Focus on practical, evidence-based improvements over theoretical frameworks.
• Collaborative culture partnering with cyber, continuity, and crisis experts globally.
• Encouragement of continuous learning and expertise growth.
• Inclusive and supportive environment embracing diverse perspectives and flexible working styles.

Hiring process

• Application review until January 4, 2026.
• Mandatory background clearance and vetting process.
• Interviews and assessments focusing on relevant experience and skills.