Cyber Security SME – Incident Response Consultant
London, UK (4 days onsite) | 6-Month Contract
Our client, a top global organization, is seeking an experienced Cyber Security SME – Incident Response Consultant to lead a comprehensive maturity assessment of incident response (IR) capabilities within a complex enterprise environment. This role focuses on evaluating IR maturity across people, processes, technology, and governance using the CREST CISR Maturity Assessment Model, delivering actionable insights to inform future strategy, investment, and operational improvements. As an Incident Response SME, you will conduct a detailed maturity assessment of existing IR capabilities, working closely with stakeholders across security, technology, and business teams.
Key Responsibilities
- Configure and scope CREST CISR maturity assessment framework
- Conduct workshops and stakeholder interviews
- Review documentation, tooling, and operational processes
- Analyse IR capabilities across people, process, and technology
- Complete CREST CISR maturity assessment across all domains
- Evaluate threat detection, response, recovery, and reporting capabilities
- Assess controls, governance, and operational readiness
- Produce detailed maturity assessment outputs with supporting evidence
- Deliver structured IR assessment report with findings and recommendations
- Provide clear insights on gaps, risks, and improvement areas
- Ensure outputs are reusable for future assessments
- Proven experience conducting IR maturity assessments using CREST CISR (mandatory)
- 10+ years in cybersecurity, incident response, or SOC operations
- Strong consulting experience delivering cybersecurity assessments
- Deep understanding of incident response lifecycle and threat landscape
- Experience producing high-quality documentation and playbooks
- Strong stakeholder engagement and workshop facilitation skills
- Ability to work independently and deliver against tight timelines
- Excellent written and verbal communication skills
- Certifications such as GCIH, GCFA, CISSP (or equivalent)
- Experience in regulated industries (financial services, healthcare, government)
- Knowledge of SIEM, EDR, identity governance, and cloud security
- Experience with enterprise security architecture
#J-18808-Ljbffr…