Job Specifications
Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.
Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.
We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.
Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.
Methods was acquired by the Alten Group in early 2022.
The Role
This role sits at the intersection of incident response, governance, and risk management. Rather than operating solely as a technical responder, you will focus on how incidents are managed, assured, reported, and improved across the organisation.
You'll support clients in designing, operating, and assuring incident response frameworks that stand up to regulatory scrutiny, audit, and real-world pressure.
Think "Are we responding correctly, consistently, and defensibly?" & not just "Is the alert closed?".
Requirements
Key Responsibilities
Incident Governance & Oversight
Define and maintain incident response policies, playbooks, and escalation models
Ensure incidents are classified, handled, and closed in line with organisational risk appetite
Act as a governance point of contact during significant cyber incidents
Risk, Assurance & Compliance
Assess incidents for control failures, systemic risk, and regulatory impact
Map incident response activities to frameworks such as NIST, ISO/IEC 27001, and organisational risk policies
Support audits, assurance reviews, and post-incident evidence packs
Post-Incident Review & Continuous Improvement
Lead or support lessons-learned reviews and root-cause analysis
Translate technical findings into risk, control, and governance outcomes
Track remediation actions and ensure they are owned, prioritised, and delivered
Stakeholder & Senior Engagement
Brief senior stakeholders on incident impact, response posture, and residual risk
Produce clear, defensible reporting suitable for boards, regulators, and auditors
Bridge the gap between SOC teams, technical specialists, risk, and leadership
Experience
What We're Looking For
Cyber security, incident management, risk, assurance, or GRC background
Experience working with or alongside SOC / IR teams (without needing to live on shift)
Exposure to regulated or high-assurance environments (public sector, finance, critical services, etc.)
Knowledge & Skills
Strong understanding of incident response lifecycle from a governance perspective
Ability to translate technical incidents into business risk and control language
Familiarity with security and risk frameworks (NIST, ISO 27001, CAF, etc.)
Confident producing documentation that survives audit without inducing migraines
Mindset
Calm under pressure, structured in chaos
Comfortable saying "this is a governance issue" when everyone else says "just fix it"
Naturally curious about why incidents happen
This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected . Details of this will be discussed with you at interview
Benefits
Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy.
By joining us you can expect
Autonomy to develop and grow your skills and experience
Be part of exciting project work that is making a difference in society
Strong, inspiring and thought-provoking leadership
A supportive and collaborative environment
Development - access to LinkedIn Learning, a management development programme, and training
Wellness - 24/7 confidential employee assistance programme
Flexible Working - including home working and part time
Social - office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes
Time Off - 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year
Volunteering - 2 paid days per year to volunteer in our local communities or within a charity organisation
Pensi