About us

Nihon Cyber Defence (NCD) are a global cyber security company protecting and supporting critical national infrastructure, governments, large organisations and small and medium enterprises (SMEs) from the increasing impact of debilitating cyber-attacks, which continue to increase in frequency and complexity. Our specialist cyber security consultancy team provide a full range of services to support and enhance the cyber security resilience of organisations globally, rapidly dealing with the fallout and management of cyber incidents.

NCD are headquartered in Tokyo, Japan, with operations supported by a global team based in various locations in Europe, the UK, and Asia. This ensures that NCD can provide 24/7 incident response and management services. We are an accredited provider for Incident Response Provider and Assured Cyber Incident Exercise Provider by the UK's National Cyber Security Centre (NCSC).

The Role

This is an exciting opportunity to join our Incident Management team and establish yourself as an expert! We are looking for a skilled and proactive Cyber Incident Response Consultant to join our global cyber security team. In this mid-level role you'd be accountable to both clients and internal stakeholders. You will play a critical part in responding to our clients' needs in detecting, analysing, and responding to cybersecurity incidents. You'll work closely with security consultants, incident commanders and leadership stakeholders, both internal to NCD and client-side, to contain threats, understand and minimise impact, and carry out forensic analysis.

This role will require you to be on-site at our Belfast or Dublin office. There may be a need for frequent travel between our offices and client sites, and the possibility of international travel as required by the business. You must have the right to live and work in the UK or Ireland to apply for this role.
Key Responsibilities:

Incident Detection & Response: Investigate and respond to retained and non-retained clients during an incident.
Threat Analysis: Perform in-depth analysis of logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).
Containment & Remediation: Lead containment, eradication, and recovery efforts during active incidents, ensuring minimal disruption to business operations.
Forensics & Root Cause Analysis: Conduct forensic investigations and post-incident reviews to determine the origin and impact of security breaches.
Collaboration: Work with in-house client teams, MSPs, and communications teams to coordinate incident response and reporting.
Documentation: Maintain detailed incident records, timelines, and reports for client, internal stakeholders and regulatory compliance.
Continuous Improvement: Contribute to the development and refinement of incident response playbooks, detection rules, and security tools.
Threat Intelligence Integration: Leverage threat intelligence to enhance detection and response strategies.

Requirements:

Required: 3-5 years of experience in cybersecurity, with at least 2 years in incident response or SOC roles.
Required: Strong knowledge of security tools and general security technologies (e.g., SIEM, EDR, IDS/IPS, firewalls).
Desired: Familiarity with the MITRE ATT&CK framework and common attack vectors.
Required: Experience with forensic tools and techniques (e.g., memory analysis, disk forensics, log analysis) for on-prem, hybrid and cloud environments.
Required: Understanding of network protocols, operating systems (Windows, Linux), and cloud environments.
Required: Ability to work under pressure and manage multiple incidents simultaneously.
Required: Strong written and verbal communication ability.
Required: Excellent analytical, communication, and problem-solving skills.
Desired: Certifications (e.g., GCIH, GCFA, CEH, OSCP) would be advantageous.
Desired: Bachelor's degree in computer science or cyber security.

Skills: Incident Response

Benefits: Medical Aid / Health Care, Pension Fund