Senior Security Consultant – Cyber Business Resilience and Recovery
Division: Consulting & Implementation (C&I)
Location: UK (with travel as needed)
Please note: Applications will close on Sunday, 4 January. Our review process will commence on Friday, 2 January. We appreciate your interest and look forward to connecting with you soon. Wishing you an enjoyable festive season.
Why this role?
Do you thrive on helping organisations prepare for, withstand, and recover from cyber incidents? At NCC Group, you’ll be part of a team that bridges the gap between cyber operations and business continuity — ensuring our clients can respond confidently when disruption strikes. You’ll work across incident response readiness, cyber recovery planning, crisis management exercises, and resilience assessments that protect real-world business outcomes. It’s meaningful, high-impact work that blends strategy, governance, and hands-on resilience engineering.
What you’ll do
Build cyber resilience strategies: Design and deliver tailored cyber resilience and recovery frameworks that integrate business continuity, IT disaster recovery, and incident response.
Assess and improve readiness: Conduct cyber resilience maturity assessments and tabletop exercises; identify and prioritise gaps in recovery capabilities.
Design recovery playbooks: Create actionable recovery and communication plans aligned with NIST, ISO 22301, and industry best practice.
Test and validate: Lead scenario-based simulations and recovery testing to validate processes, people, and technology readiness.
Integrate with security operations: Collaborate with SOC and IR teams to align resilience and recovery capabilities with detection, containment, and response functions.
Engage stakeholders: Translate technical findings into clear, business-relevant recommendations; present outcomes to executives and boards.
Advise on resilience architecture: Support the design of resilient infrastructure, backup strategies, and cloud recovery configurations.
Mentor and contribute: Coach junior consultants and share lessons learned through internal knowledge sessions and reusable playbook templates.
What you’ll bring
Strong experience in cyber resilience, business continuity, and disaster recovery consulting, ideally within complex enterprise environments.
Practical understanding of incident response, crisis management, and cyber recovery operations.
Familiarity with frameworks and standards such as ISO 22301, NIST CSF, NIST SP 800-34, and BS 65000.
Proven ability to engage at all levels — from technical recovery teams to C-suite executives.
Experience running or facilitating tabletop exercises, war-gaming sessions, or simulation testing.
Knowledge of resilience tooling (e.g., backup orchestration, DR automation, configuration baselining).
Strong written and verbal communication — able to produce concise reports and deliver persuasive presentations.
Nice-to-haves (not show-stoppers)
Exposure to cloud resilience (Azure/AWS/GCP) and hybrid recovery architectures.
Experience with risk management frameworks (ISO 27005, FAIR).
Understanding of supply chain resilience and third-party risk.
Certifications such as CBCI, ISO 22301 Lead Implementer/Auditor, CISSP, CISM, or CRISC.
Why Join Us?
At NCC Group, your mission is to help create a more secure digital future. You’ll work on high-impact projects, cutting-edge research, and real-world security challenges. We partner with some of the world’s most innovative companies and we want you to be part of that journey.
You’ll join a global team of specialists who thrive on solving complex problems. We invest in your development and well-being, and we’ve built an environment where you can grow, professionally, personally, and technically.
So, ready to join us?
What’s In It For You?
We balance high performance with world-class well-being benefits, including:
⏰ Flexible working
💸 Pension, life assurance, share save scheme
👶 Generous parental leave
🙋🏾 Community & volunteering programmes
⚡ Green car scheme
🚴 Cycle to work scheme
🧘🏻 Wellness programmes
🎓 Learning & development opportunities
🧑🏻🤝🧑🏻 Employee referral bonuses
If this sounds like the right fit, we’d love to hear from you.
Click apply to submit your CV and cover letter.
Or email us at [email protected].
Your Application:
We review every application. If your profile matches, we’ll be in touch. If not, don’t be discouraged, we may keep your details for future roles. If you prefer we don’t, just email us to opt out.
Need reasonable adjustments? Let us know at any point during the process.
Note: This role requires pre-employment background checks (BS7858 screening) due to the nature of the work.
