At a Glance
- Tasks: Help organisations prepare for unexpected cyber incidents through planning and immersive exercises.
- Company: Join NCC Group, a global leader in cyber security and resilience.
- Benefits: Hybrid working, travel opportunities, and a supportive, inclusive culture.
- Other info: Continuous learning and career growth in a collaborative environment.
- Why this job: Make a real impact by enhancing crisis response frameworks for major organisations.
- Qualifications: Experience in incident management and strong communication skills required.
The predicted salary is between 36000 - 60000 £ per year.
Do you enjoy helping organisations prepare for the moments when the unexpected strikes? In this role at NCC Group you’ll help clients design, refine, and test their incident management capabilities through pragmatic planning and immersive tabletop exercises. You’ll shape crisis response frameworks that work under real pressure, strengthen leadership decision‑making, and ensure clients are confident in their readiness to respond to cyber incidents. This is a role where your expertise directly improves resilience and recovery outcomes for major organisations across multiple sectors.
What you’ll do
- Design and deliver incident management frameworks: Build and enhance incident management and crisis response plans aligned to best practice (NIST, ISO 27035, ISO 22301).
- Lead Silver-level tabletop exercises: Facilitate engaging, scenario‑based workshops for leadership teams, simulating real‑world cyber events to test strategy, communication, and coordination.
- Assess and uplift readiness: Conduct gap analyses and maturity assessments to identify strengths and improvement areas across people, process, and technology.
- Develop tailored playbooks: Create clear, actionable incident management playbooks and decision trees that integrate with technical and operational response teams.
- Coordinate with technical teams: Work with SOC, IR, and resilience specialists to ensure incident response and escalation paths are aligned.
- Engage stakeholders: Provide trusted advisory to executive, operational, and technical audiences; translate technical impact into clear business decisions.
- Capture lessons learned: Produce post‑exercise reports and improvement roadmaps that drive measurable maturity gains.
- Mentor and share expertise: Support junior consultants and contribute to internal knowledge bases and client‑facing collateral.
What you’ll bring
- Strong experience in incident management, crisis management, or cyber resilience consulting, ideally within complex or regulated environments.
- Proven background designing and running tabletop exercises, particularly at Silver (tactical/managerial) level.
- In‑depth knowledge of incident response lifecycle principles (prepare, detect, respond, recover, learn).
- Familiarity with frameworks such as NIST CSF, ISO 27035, ISO 22301, and NCSC guidance.
- Excellent facilitation and communication skills — confident leading workshops and debriefs with senior stakeholders.
- Strong written reporting ability, with a focus on clarity, prioritisation, and actionable outcomes.
- Consulting experience including stakeholder management, requirements gathering, and presentation of findings.
Nice‑to‑haves (not show‑stoppers)
- Experience facilitating Gold‑level (strategic) exercises or broader business continuity workshops.
- Understanding of communications and media management during cyber incidents.
- Exposure to incident response operations or SOC environments.
- Certifications such as ISO 22301 LA/LI, CISM, CISSP, or PRINCE2.
How we work
- Real‑world focus. We prioritise practical, evidence‑based improvements over theoretical frameworks.
- Collaborative culture. You’ll partner with cyber, continuity, and crisis experts across NCC Group’s global network.
- Continuous learning. We encourage you to experiment, research, and grow your expertise.
- Inclusive and supportive. We embrace diverse perspectives and flexible working styles.
About NCC Group
We’re a global cyber security and resilience company with 2,000+ colleagues supporting 15,000 customers across the UK, North America, Europe, APAC and the Middle East. Our mission is to help organisations protect their brand, value, and reputation in an ever‑evolving threat landscape. We invest in our people and operate with fairness, creativity, and respect.
Inclusion & accessibility
We’re committed to diversity, equity, and flexibility. If you need reasonable adjustments at any stage, please let us know. Your personal data will be handled in line with our Privacy Policy. If you’d prefer us not to retain your details for future opportunities, please contact global.ta@nccgroup.com.
Ready to apply? If this sounds like you, we’d love to hear from you. We value curiosity, adaptability, and the drive to make a difference. Applications are open until the 4th of January — don’t hesitate - we’re looking forward to speaking with you in the new year!
Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.
Managing Consultant - Incident Response Management employer: NCC Group
At NCC Group, we pride ourselves on being an exceptional employer, offering a collaborative and inclusive work culture that prioritises continuous learning and professional growth. As a Managing Consultant in Incident Response Management, you'll have the opportunity to make a tangible impact on clients' resilience while working in a hybrid environment that promotes flexibility and work-life balance. With access to a global network of cyber security experts and a commitment to diversity and equity, you'll thrive in a role that not only challenges you but also supports your career aspirations.
StudySmarter Expert Advice🤫
We think this is how you could land Managing Consultant - Incident Response Management
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including NCC Group, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through NCC Group
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at NCC Group. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Managing Consultant - Incident Response Management
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at NCC Group insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to NCC Group that you’re committed to staying ahead in the game.
How to prepare for a job interview at NCC Group
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at NCC Group to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at NCC Group.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.
