Managing Security Consultant – Cyber Business Resilience and Recovery in England

Join to apply for the Managing Security Consultant – Cyber Business Resilience and Recovery role at NCC Group. Applications will close on Sunday, 4 January 2026. Our review process will commence on Friday, 2 January 2026. We appreciate your interest and look forward to connecting with you soon.

Why this role?

Do you thrive on helping organisations prepare for, withstand, and recover from cyber incidents? At NCC Group, you’ll be part of a team that bridges the gap between cyber operations and business continuity — ensuring our clients can respond confidently when disruption strikes. You’ll work across incident response readiness, cyber recovery planning, crisis management exercises, and resilience assessments that protect real‑world business outcomes. It’s meaningful, high‑impact work that blends strategy, governance, and hands‑on resilience engineering.

What you’ll do:

• Build cyber resilience strategies: Design and deliver tailored cyber resilience and recovery frameworks that integrate business continuity, IT disaster recovery, and incident response.
• Assess and improve readiness: Conduct cyber resilience maturity assessments and tabletop exercises; identify and prioritise gaps in recovery capabilities.
• Design recovery playbooks: Create actionable recovery and communication plans aligned with NIST, ISO 22301, and industry best practice.
• Test and validate: Lead scenario‑based simulations and recovery testing to validate processes, people, and technology readiness.
• Integrate with security operations: Collaborate with SOC and IR teams to align resilience and recovery capabilities with detection, containment, and response functions.
• Engage stakeholders: Translate technical findings into clear, business‑relevant recommendations; present outcomes to executives and boards.
• Advise on resilience architecture: Support the design of resilient infrastructure, backup strategies, and cloud recovery configurations.
• Mentor and contribute: Coach junior consultants and share lessons learned through internal knowledge sessions and reusable playbook templates.

What you’ll bring:

• Strong experience in cyber resilience, business continuity, and disaster recovery consulting, ideally within complex enterprise environments.
• Practical understanding of incident response, crisis management, and cyber recovery operations.
• Familiarity with frameworks and standards such as ISO 22301, NIST CSF, NIST SP 800‑34, and BS 65000.
• Proven ability to engage at all levels — from technical recovery teams to C‑suite executives.
• Experience running or facilitating tabletop exercises, war‑gaming sessions, or simulation testing.
• Knowledge of resilience tooling (e.g., backup orchestration, DR automation, configuration baselining).
• Strong written and verbal communication — able to produce concise reports and deliver persuasive presentations.

Nice‑to‑haves (not show‑stoppers):

• Exposure to cloud resilience (Azure/AWS/GCP) and hybrid recovery architectures.
• Experience with risk management frameworks (ISO 27005, FAIR).
• Understanding of supply chain resilience and third‑party risk.
• Certifications such as CBCI, ISO 22301 Lead Implementer/Auditor, CISSP, CISM, or CRISC.

Why Join Us?

At NCC Group, your mission is to help create a more secure digital future. You’ll work on high‑impact projects, cutting‑edge research, and real‑world security challenges. We partner with some of the world’s most innovative companies and we want you to be part of that journey. You’ll join a global team of specialists who thrive on solving complex problems. We invest in your development and well‑being, and we’ve built an environment where you can grow, professionally, personally, and technically.

So, ready to join us?

What’s In It For You?

We balance high performance with world‑class well‑being benefits, including: Pension, life assurance, share save scheme.