Vacancy at Reliance Cyber
Principal Incident Response Consultant
Remote
Vacancy listed
01/04/2026
Application deadline
20/04/2026
Details
Principal Incident Response Consultant
Who are we?
Reliance Cyber is a UK-based cyber security operations specialist. Our passion is partnering with clients to build cyber resilience by preparing for, preventing, detecting, and responding to security breaches by combining deep engineering strength with 24/7 “human in the loop” expert oversight. We’re proud of our collaborative culture and ambitious growth plans — and we’re looking for talented people to join us on that journey.
The role
We’re seeking a Principal Incident Response Consultant to join our Reactive Consulting team in a senior, hands‑on technical delivery role. You will act as a technical authority during cyber incidents, leading complex investigations, coordinating response activity and working closely with client stakeholders to ensure incidents are managed effectively, defensibly and at pace. As one of the most technically experienced members of the team, you will help evolve our incident response methodologies, tooling and workflows, bringing expertise from across cybersecurity disciplines to continuously improve how we respond to real‑world threats.
What you’ll be doing
- Leading and delivering low volume but highly complex incident response engagements
- Acting as the technical lead during cyber crises, supporting containment, remediation and recovery
- Conducting deep technical investigations and evidence‑based analysis
- Communicating effectively with both technical teams and senior client stakeholders
- Developing and refining incident response playbooks, workflows and automation
- Developing and managing internal DFIR tools using AWS Cloudformation, Python, OpenSearch and other related tools
- Aligning response capabilities to evolving threat actor tactics (MITRE ATT&CK)
- Supporting tabletop exercises, crisis simulations and wider professional services engagements
- Mentoring consultants and contributing to capability development and thought leadership
- Participating in the on‑call rota (with appropriate compensation)
What you’ll bring
- Significant experience leading cybersecurity incident response in a consultancy or professional services environment
- Strong digital forensics and incident response expertise, including legal and evidential considerations
- Deep technical knowledge, particularly across Microsoft Active Directory and Azure AD
- Strong understanding of modern attacker methodologies and remediation strategies
- Ability to clearly communicate complex technical issues to senior stakeholders
- A collaborative, mentoring mindset and commitment to continuous improvement
Desirable: industry certifications, experience across wider cyber disciplines, and the ability to obtain UK Security Clearance (SC).
Why join us?
You’ll work on high‑impact incidents in a supportive, flexible environment, helping shape the future of our incident response capability. We offer a competitive salary, generous benefits and remote working. Apply now, including your notice period and salary expectations. For an informal discussion about the role, please email our Head of Incident Response, Rob Anderson: rob.anderson@reliancecyber.com
We kindly ask that recruitment agencies do not contact us regarding this vacancy.
We kindly ask that recruitment agencies do not contact us regarding this vacancy.