Find a job 
Featured Companies 
Featured Universities 
For Companies We\’re Hiring: Principal Incident Response Investigator / Consultant – Remote – Β£85k
π UK-based | DV Clearance Required (or ability to attain)
πΌ Consulting | Cyber Security | Digital Forensics | Incident Response
Are you ready to lead the front line in cyber defence?
Weβre looking for a Principal Incident Response Investigator / Consultant to take the lead in high-stakes, high-impact engagements across government, critical national infrastructure, and private sector clients.
This is a senior, client-facing role for a seasoned professional who thrives under pressure, communicates with confidence, and brings deep technical expertise to the table.
π₯ What Youβll Do
- Lead Complex Investigations: Own end-to-end incident response engagements β from triage and containment through to forensic analysis, recovery, and reporting.
- Take Command in Crisis: Act as incident commander for major breaches, guiding clients, coordinating stakeholders, and engaging with law enforcement when needed.
- Advise at the Highest Level: Deliver briefings to executives, boards, regulators, and legal teams in the heat of the moment.
- Apply Deep Forensics: Investigate across Windows, Linux, macOS, cloud, SaaS, and hybrid environments.
- Grow Our Capabilities: Develop playbooks, tools, and methodologies that raise the bar for incident response delivery.
- Mentor & Inspire: Coach junior investigators and contribute to internal knowledge sharing and external thought leadership.
π What We\’re Looking For
- DV clearance (or the ability to obtain it) β this is essential.
- Extensive experience in incident response, forensics, or threat hunting, ideally in a consultancy or client-facing role.
- Proven track record leading large-scale incidents β ransomware, insider threats, nation-state intrusions.
- Strong technical capabilities in forensic tooling, EDR/SIEM, scripting (Python, PowerShell, Bash), and cloud environments.
- Excellent communication skills and confidence engaging with both technical and executive audiences.
β Preferred Qualifications
- ChCSP β Incident Response (or willingness to attain).
- GIAC (GCFA, GCFE, GEIR, GREM, GNFA), CREST CRTIR, CISM, or CISSP certifications.
- Experience liaising with legal, regulatory, and insurance stakeholders during high-pressure incidents.
- Background in reverse engineering, threat intelligence, or TTP attribution.
- Public contributions to the security community (e.g. speaking, publishing, tooling).
π What Youβll Get from Us
- Competitive salary, plus overtime and on-call allowances
- Dedicated research time
- Fully funded certifications
- The chance to lead response efforts on globally significant incidents
- Exposure to diverse clients and technologies, across sectors and industries
π Join Us
This is more than a job β it\’s a mission-critical role at the sharp edge of cybersecurity. If you\’re ready to make a real impact and guide organisations through their most challenging moments, we want to hear from you.
Apply now or send your CV to C.burn@ltharper.com
Contact Detail:
LT Harper - Cyber Security Recruitment Recruiting Team
