Principal Incident Response Investigator
Location: Remote (UK) – Sorry, NO Sponsorship and must hold, or be Eligible for SC / DV
Salary: £70K - £90K + Overtime + On-Call Allowances + Benefits + Training!!!!!!!
Step into a role where you set the pace during the toughest moments. As a Principal Incident Response Investigator, you’ll lead high-profile cyber incident engagements across government, critical national infrastructure, and the private sector — acting as the trusted advisor when organisations need it most.
What you’ll do:
* Take command of major incident response investigations, from triage to recovery.
* Deliver advanced forensics across endpoints, networks, cloud, and SaaS.
* Brief executives, boards, and regulators with clear, risk-focused advice.
* Mentor junior responders while shaping playbooks, tooling, and best practices.
* Contribute to the security community through research and thought leadership.
* Analyse adversary behaviour and integrate threat intelligence to inform attribution, client reporting, and proactive defences.
What you’ll bring:
* Significant experience in incident response/forensics, with client-facing exposure.
* Proven ability to lead investigations into ransomware, insider threats, and targeted intrusions.
* Strong technical depth (forensics, TTPs, SIEM/EDR, scripting).
* Excellent communication skills and the confidence to guide at exec level.
* ChCSP – Incident Response certification (or the ability to attain).
Why join?
* Investigate some of the most significant cyber incidents globally.
* Competitive package, overtime & on-call allowances, funded certifications.
* Variety of clients and industries, plus dedicated research time.
This role is for someone with drive, autonomy, and the confidence to lead under pressure.
For more information, please reach out to r.kelly@ltharper.com or apply here.