Lead Incident Response Consultant (CSIR)

Oxford, England, United Kingdom

Dionach logo


We’re an independent, CREST-approved global information security experts. Protect your organisation’s information assets and manage your cyber risk.

Dionach are a dynamic cyber security company looking for an experienced Incident Response Consultant to join our growing technical team.

Do you have a demonstrable experience in managing and leading incident response engagements for multiple clients?

Do you want to continue your technical progression while gaining more responsibilities and leading a service? If so, keep reading, this job is for you!

Your main role will be as a Lead Incident Response Consultant, with options for research and development, and to work in other areas of information security consultancy such as assurance.

There are opportunities to improve your qualifications, mentor others and work with a wide variety of technologies and organisations.

In this role, as the Lead Incident Response Consultant, you will help clients to quickly detect cyber-attacks, respond to threats effectively and help them to improve their security measures.

This is a varied role and as a Lead Incident Response Consultant, your responsibilities will be as follows:

  • Acquisition and analysis of forensic sources to triage client incidents.
  • Timelining of relevant technical events and business activities to establish end-to-end overview of adversary movement and techniques.
  • Provide consultancy on BAU to help establish operations during critical incidents, and support client mitigation and recovery efforts.
  • Reverse engineer malware samples when necessary to discover actionable indicators of compromise.
  • Perform threat hunting across client estates driven by investigation findings and Mitre ATT&CK tactics.
  • Analyse and correlate threat intelligence data from external sources to augment investigation findings.
  • Develop service capabilities through the design of infrastructure and tooling to increase efficiency and accuracy.
  • Deliver client workshops such as tabletop exercises and staff training.
  • Deliver detailed reports presenting all investigation findings required by internal or external stakeholders including possible legal body involvement.
  • Assist clients with the creation and maintenance of incident response policy and procedures.


  • Significant experience in Cyber Security Incident Response (CSIR) plans and preparedness assessment.
  • Experience of multiple incidents and use of technical skills during a cyber-attack, including identification, containment, and eradication of attacks.
  • Familiarity with regulations such as GDPR and the UK Computer Misuse Act.
  • Expertise in digital forensic investigation.
  • Experience of leading customer engagements on-site.
  • Experience of working as the solo consultant on jobs and of working in teams.
  • Outstanding verbal communication skills with the ability to explain things in a clear and non-technical way.
  • Excellent technical writing skills with the ability to write a post-incident report summary for a non-technical audience.
  • Right to work in the UK.

Experiences and skills that would be beneficial

  • Holding a CREST Cyber Security Incident Response (CSIR) certification.
  • Proactive at writing technical documents and improving processes.
  • Mentoring your peers.
  • Ownership and leadership on developing and providing training courses.
  • An understanding and/or previous experience in penetration testing, red teaming, or technical security assessments.


  • Hybrid working environment – that supports working remotely, with the opportunity to use the offices based on your preference, and of course attend team events!
  • Technical development and given time to develop your skills
  • Training labs
  • Certification training and sponsorship
  • Private health insurance
  • Eye care plan
  • Employee benefits and discounts platform
  • Cycle to work scheme
  • EAP Scheme and well-being platform, including confidential telephone or face to face support and counselling
  • Income Protection if unable to work due to illness or injury

Why choose Dionach?

Dionach are a growing information security company specialising in penetration testing and information assurance services. You will have the opportunity to join an experienced team and enhance your skills. Dionach have leading industry certifications including CREST, CHECK, PCI QSA and ISO 27001, with a focus on improving customers’ security, and developing people’s skills and qualifications.

Dionach are always looking for self-motivated people who wish to work in a fun, flexible environment, where they can make a difference to the business. We are a growing business which provide opportunities for both interesting work and career development.

Dionach actively promote equality and value diversity in our workforce, we support our employees with options such as flexible hours and personal development.

We welcome applications from anywhere in the UK.

Job Types: Full-time, permanent

Location: Hybrid & remote

Start: ASAP

£65,000 - £85,000 per annum, depending on experience and qualifications.

Tags: CREST GDPR Incident response ISO 27001 Malware MITRE ATT&CK PCI QSA Pentesting Security assessments Threat intelligence

Perks/benefits: Career development Flex hours Health care Startup environment Team events

Region: Europe
Country: United Kingdom
Job stats:  6  0  0

Other jobs like this

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.