Incident Response (IR) Consultant - Within 90mins of NW London (hybrid - ideally 1 day/week in Ealing / some flex)
Salary: £45,000 - £55,000 per annum, amazing training opportunity for a tired SOC analyst
We are looking for an Incident Response (IR) Consultant to join our team of passionate and pragmatic cyber defenders. This is a unique opportunity for someone with a few years of experience in a SOC (Blue Team / Security Operations Centre) environment who is ready to step up into a more client-facing, hands-on incident response role.
About the Role
In this role, you'll be at the heart of our Incident Response capability, supporting clients during active incidents and helping them to prepare through compromise assessments, readiness exercises, and defensive content. You'll also be part of our escalation rota, supporting our Managed Detection and Response (MDR) service - sometimes leading incidents, other times mentoring junior SOC / Blue Team analysts.
We are ideally looking for someone who can work hybrid, attending an office in Ealing one day per week, but we're open to some flexibility for the right candidate.
Key Responsibilities
- Lead and coordinate technical response during cyber security incidents.
- Act as a point of escalation for MXDR services, supporting junior analysts with incident triage and investigation.
- Conduct compromise assessments and deliver Incident Readiness activities (e.g., tabletop exercises).
- Contribute to the development and delivery of high-quality, actionable defensive security content.
- Communicate clearly and confidently with clients - both in writing and verbally - during high-pressure situations.
- Work alongside the team to continually improve incident response and detection capability.
About You
We're not looking for a technical wizard, but someone with a solid grounding and the confidence to roll up their sleeves and figure things out when needed.
Essential experience:
- 2+ years in a SOC/Blue team or similar defensive security role, hands on the tech.
- Familiarity with SIEM esp, Microsoft Sentinel and Defender (e.g., Defender for Endpoint, Defender for Identity).
- Strong verbal and written communication skills.
- Ability to lead or coordinate during incident response engagements.
- A broad knowledge base across cybersecurity with a willingness to dive deep when needed.
- Based within commuting distance (60/90mins) of NW London.
Desirable:
- Experience delivering compromise assessments or tabletop exercises.
- Knowledge of security operations across a range of industries.
- Prior client-facing experience.
- Interest in creating or contributing to high-quality threat detection and IR content.
Why This Role?
We invest heavily in the development of our people. Many of those we've supported have gone on to become Technical Leads, Principal Consultants, Ops Leaders and even SANS Instructors in some of the most prominent organisations in the world - from big tech and central government to cutting-edge crypto start-ups.
This is more than just a job - it's a unique opportunity to grow, shape your career, and make a meaningful impact in the cyber security community.
To Apply:
Please submit your CV and a short note outlining your relevant experience and interest in the role via your preferred job platform or application channel to security@circlerecruitment.com. You'll need FULL UK Right to Work, with no exceptions. This is Full UK Passport or ILR. We cannot accept PWS visa, or LinkedIn connection requests from overseas workers.
Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter - @Circle_Rec and LinkedIn - Circle Recruitment.
