Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.
Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.
We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.
Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.
Methods was acquired by the Alten Group in early 2022.
The Role
This role sits at the intersection of incident response, governance, and risk management. Rather than operating solely as a technical responder, you will focus on how incidents are managed, assured, reported, and improved across the organisation.
You’ll support clients in designing, operating, and assuring incident response frameworks that stand up to regulatory scrutiny, audit, and real-world pressure.
Think “Are we responding correctly, consistently, and defensibly?” & not just “Is the alert closed?”.
Requirements
Key Responsibilities
Incident Governance & Oversight
- Define and maintain incident response policies, playbooks, and escalation models
- Ensure incidents are classified, handled, and closed in line with organisational risk appetite
- Act as a governance point of contact during significant cyber incidents
Risk, Assurance & Compliance
- Assess incidents for control failures, systemic risk, and regulatory impact
- Map incident response activities to frameworks such as NIST, ISO/IEC 27001, and organisational risk policies
- Support audits, assurance reviews, and post-incident evidence packs
Post-Incident Review & Continuous Improvement
- Lead or support lessons-learned reviews and root-cause analysis
- Translate technical findings into risk, control, and governance outcomes
- Track remediation actions and ensure they are owned, prioritised, and delivered
Stakeholder & Senior Engagement
- Brief senior stakeholders on incident impact, response posture, and residual risk
- Produce clear, defensible reporting suitable for boards, regulators, and auditors
- Bridge the gap between SOC teams, technical specialists, risk, and leadership
What We’re Looking For
Experience
- Cyber security, incident management, risk, assurance, or GRC background
- Experience working with or alongside SOC / IR teams (without needing to live on shift)
- Exposure to regulated or high-assurance environments (public sector, finance, critical services, etc.)
Knowledge & Skills
- Strong understanding of incident response lifecycle from a governance perspective
- Ability to translate technical incidents into business risk and control language
- Familiarity with security and risk frameworks (NIST, ISO 27001, CAF, etc.)
- Confident producing documentation that survives audit without inducing migraines
Mindset
- Calm under pressure, structured in chaos
- Comfortable saying “this is a governance issue” when everyone else says “just fix it”
- Naturally curious about why incidents happen
This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected . Details of this will be discussed with you at interview
Benefits
Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy.
By joining us you can expect
- Autonomy to develop and grow your skills and experience
- Be part of exciting project work that is making a difference in society
- Strong, inspiring and thought-provoking leadership
- A supportive and collaborative environment
Development – access to LinkedIn Learning, a management development programme, and training
Wellness – 24/7 confidential employee assistance programme
Flexible Working – including home working and part time
Social – office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes
Time Off – 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year
Volunteering – 2 paid days per year to volunteer in our local communities or within a charity organisation
Pension – Salary Exchange Scheme with 4% employer contribution and 5% employee contribution
Life Assurance – of 4 times base salary
Private Medical Insurance – which is non-contributory (spouse and dependants included)
Worldwide Travel Insurance – which is non-contributory (spouse and dependants included)
Enhanced Maternity and Paternity Pay
Travel – season ticket loan, cycle to work scheme
For a full list of benefits please visit our website (www.methods.co.uk/careers/benefits)