Cyber Security Specialist in Scotland

We are delighted to be partnering with an ambitious Managed Security Service Provider established in Scotland with operations across EMEA and North America. They are driven to help protect organisations against the rising threat of cyber-attacks in an ever-evolving digital world. They have become a known Microsoft Security Partner with NCSC status as well as several prestigious awards to their name. More importantly, they are a people-focused organisation who recognise their success is all down to the employees who make it happen.

Be the person organisations trust when everything’s on fire. When a serious cyber incident hits, you’ll lead the investigation, find the truth fast, guide the response, and help customers come out stronger. As a Senior Incident Response Consultant, you’ll lead and deliver complex cyber security incident investigations and provide expert technical, strategic, and executive-level guidance. You’ll combine advanced digital forensics, threat analysis, and incident leadership with consulting, mentoring, and readiness activities that improve customer resilience and reduce harm.

What you’ll do:

• Incident investigation & analysis (hands-on, high-impact)
• Lead complex incident investigations across diverse technologies and environments.
• Participate in an on-call rota with out-of-hours response as required.
• Perform advanced forensics across Windows, Linux, macOS and multi-cloud environments (host, network, and memory).
• Analyse logs, network traffic, disk images, and volatile artefacts to establish attacker intent, actions, timeline, and impact.
• Identify adversary tools, tactics, and procedures (TTPs) and translate findings into clear next steps.
• Collect and preserve evidence to defensible standards, maintaining documentation and chain-of-custody.
• Stay current on emerging threats, malware families, and evolving threat actor behaviours.
• Work confidently with customer stakeholders including technical teams, legal, and executive leadership during incidents.
• Improve detection, escalation, containment, and response processes—internally and for customers.
• Collaborate with Threat Intelligence to enrich and operationalise investigative findings.
• Consulting, advisory & customer engagement (trusted voice)
• Communicate findings and recommendations clearly to both technical and non-technical audiences.
• Link technical findings to business risk, enabling better decision-making at leadership level.
• Support privacy/security risk mitigation activities with internal and external teams.
• Deliver IR Readiness Assessments of customer plans, playbooks, and response capability.
• Provide executive and board-level briefings and training on cyber security and incident response.
• Facilitate tabletop exercises that genuinely test and improve readiness.
• Mentoring & leadership
• Mentor junior IR team members through coaching, technical guidance, and quality assurance - raising the bar across the function.

What you’ll bring:

• Technical skills
• Advanced forensic analysis across Windows, Linux, macOS, and cloud platforms.
• Memory forensics (static and dynamic).
• Strong network traffic and log analysis skills (firewall, endpoint, web, identity/authentication, cloud telemetry).
• Deep understanding of enterprise security controls: Active Directory, identity systems, and network architectures.
• Proficiency with EDR and SIEM platforms for investigations and threat hunting.
• Experience with Microsoft-aligned security stacks.
• Ability to extract IOCs, identify attacker behaviour patterns, and map findings to TTPs.
• Evidence handling to defensible standards, including chain-of-custody.
• Comfortable building scripts, playbooks, or tooling to automate/improve investigation workflows.
• Work with a collaborative and forward-thinking cybersecurity team.

Competitive salary of circa £80k - £90k. Flexible working arrangements (remote/hybrid). 35 days holiday. Employee Assistance Programme. Opportunities for career growth and professional development.