Job title: Cyber Security Consultant Location: Belfast (On-Site) About us Nihon Cyber Defence (NCD) are a global cyber security company protecting and supporting critical national infrastructure, governments, large organisations and small, medium enterprises (SMEs) from the increasing impact of debilitating cyber-attacks, which continue to increase in frequency and complexity. Our specialist cyber security consultancy team provide a full range of services to support and enhance the cyber security resilience of organisations globally, rapidly dealing with the fallout and management of cyber incidents. NCD are headquartered in Tokyo, Japan with operations supported by a global team based in various locations in Europe, UK, and Asia. This ensures that NCD can provide 24/7 incident response and management services. We are an assured service provider for Incident Response and Cyber Incident Exercises by the UKs National Cyber Security Centre (NCSC). The Role This is an exciting opportunity to join our Incident Management team and establish yourself as an expert! We are looking for a skilled and proactive Cyber Security Consultant to join our global cyber security team. In this role youll be accountable to both clients and internal stakeholders. You will play a critical part responding to our clients needs in detecting, analysing, and responding to cybersecurity incidents. Youll work closely with security consultants, incident commanders and leadership stakeholders both internal to NCD and client-side to contain threats, understand and minimise impact and provide strategic recommendations to enhance their security posture, using industry standard best practice and frameworks. This role will require you to be on-site at our Belfast office. There may be a need for travel between our offices, client sites, and the possibility of international travel as required by the business. All applicants must hold or be eligible to hold UK Security Clearance (SC). Key Responsibilities: Incident Detection & Response: Investigate and respond to retained and non-retained clients during an incident. Threat Analysis: Perform in-depth analysis of logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). Containment & Remediation: Lead containment, eradication, and recovery efforts during active incidents, ensuring minimal disruption to business operations. Collaboration: Work with in-house client teams, MSPs, and communications teams to coordinate incident response and reporting. Documentation: Maintain detailed incident records, timelines, and reports for client, internal stakeholders and regulatory compliance. Continuous Improvement: Contribute to the development and refinement of incident response playbooks, detection rules, and security tools. Develop and deliver tabletop exercises. Requirements: Required: 35 years of experience in cybersecurity, with at least 2 years in incident response, SOC roles or cyber security consulting. Required: Strong knowledge of security tools and general security technologies (e.g., SIEM, EDR, IDS/IPS, firewalls). Required: Understanding of network protocols, operating systems (Windows, Linux), and cloud environments. understanding of modern threat actors, attack methodologies, and incident response lifecycle. Required: Strong written and verbal communication ability. Required: Excellent analytical, communication, and problem-solving skills. Desired: Familiarity with MITRE ATT&CK framework and common attack vectors. Desired: Certifications (e.g., Sec+, CySA+, SSCP) would be advantageous. Desired: Bachelors degree in computer science or cyber security. Skills: Incident Response, consultancy Benefits: 25 Days annual leave + public holidays Pension contribution Healthcare cash plan