Cyber Incident Investigation and Response Consultant

UK (Remote), Permanent, Full Time


Summary and background

Pragma is a fast-expanding cybersecurity consultancy, led by industry veterans, that provides a range of security services to clients across Asia and Europe. We have a client base that spans tiny start-ups to colossal multinationals, and every industry from Finance to Shipping to Sports and Education. We believe in hiring the smartest people with the best professional skills and giving them the support they need to grow and develop.

Our practice is now seeking to recruit a Cyber Incident Investigation and Response – Consultant, to be based in the UK with potential for site visits and meetings at the head office in London. In this role, you will conduct investigation, closure, and forensics, as well as incident response management plans for our clients. You will help our clients through a difficult and stressful time and assist the recovery of their businesses and livelihoods from a range of cyber incidents.

Pragma is committed to diversity and inclusion and assesses all applicants equally on their merits. We are committed to building a radically different working culture that gives people the chance to build a working life that works for both them and their clients. We fully support remote working.


You’ll need good communication skills, a calm voice in a crisis, an ability to efficiently solve new technical problems, and a broad knowledge of computer systems and security. The sense of achievement you’ll get from getting companies back on their feet is truly rewarding, and we will back that with a decent salary and great long-term opportunities.

We would expect the successful applicant to have a mix of the following skills and qualifications:

  • 2 or more years of experience in incident response, forensic investigation and threat hunting.
  • Experience of incidents involving Ransomware, Office 365 intrusion, and web-based attacks.
  • Relevant certifications in cybersecurity, e.g. CISSP, CISM, GCIH, GCFA, GNFA or similar.
  • A BSc and/or MSc in Computer Science or a related subject.
  • A broad knowledge of OS, Networking and cloud technologies, perhaps gained as a sysadmin, DevOps or security engineer.
  • Good understanding of information security and privacy requirements.
  • Experience with Python or Java.
  • Great one-on-one communication skills in stressful situations.
  • Experience with forensic or penetration testing toolkits.
  • Ability to manage your own work and own time to meet challenging deadlines.


  • Conduct analysis related to forensic investigations, cybercrimes, and/or cyberattacks.
  • Analyse security logs, monitoring logs, firewall logs and intrusion prevention system logs.
  • Perform threat management and protection against threats including malware, phishing, hacking and DDoS.
  • Conduct computer forensic analysis, maintaining chain of custody and testifying on evidence collected.
  • Investigate and provide recommendations to identify gaps from the incident.
  • Advise clients on how to improve their cyber incident readiness.
  • Develop and update operational playbooks, e.g. DDoS, ransomware.
  • Carry out application, network, systems and infrastructure penetration tests.

What we offer

  • A competitive salary based on experience
  • Training and certification: we’ll help you develop your skills further
  • The opportunity to develop your security skills in an expert environment
  • Work with prestigious financial and multinational clients

How to apply

To apply for this role, send in your CV/Resume to [email protected] with the following information:

  • Earliest available date
  • Current/Expected salary
  • Nationality/Do you require a work visa?