AMS PSR

On behalf of Sellafield we are looking for an Incident Management Transformation Consultant (Outside IR35) for a 12 month contract. Hybrid working based in Warrington. 

Work at Sellafield Ltd, and you’re not just building a career. You’re embarking on a mission. Joining 11,000 people on a 100-year project transforming the Sellafield site for all the generations that follow.

We have the site at Sellafield (West Cumbria) and our office at Risley (near Warrington). Join us and you’ll work shoulder-to-shoulder with industry-leading – sometimes world-leading – experts. There are generations and generations of knowledge here and people are only too willing to share it. Our culture of continuous improvement is underpinned by commitment to professional and personal development few can match.

Our relentless pursuit of excellence is reflected in our health, safety, security, resilience, and environmental performance standards as well as the quality of the products and services we deliver to our customers.

As an Incident Management Transformation Consultant your main responsibilities will be:

• Review and update the Cyber Incident Management Plan, ensuring it reflects current operational requirements and best practice.
• Define scope, roles, responsibilities, and interfaces across stakeholders including ISO Incident Management, command structures (Bronze, Silver, Gold), SOC, external IR providers and IT/OT teams.
• Ensure incident management processes are aligned with relevant NCSC Cyber Assessment Framework (CAF) requirements.
• Assess and catalogue existing incident response playbooks, identifying gaps and improvement opportunities
• Develop and standardise playbooks for key incident scenarios, including ransomware, data breaches, insider threats, OT incidents and cloud compromises.
• Define clear response procedures within playbooks, including technical actions, escalation points, decision gates, regulatory reporting and recovery processes.
• Collaborate with stakeholders to validate and embed playbooks.
• Design and implement a structured Post-Incident Review (After-Action Review) framework to support continuous improvement.
• Define incident closure criteria, lessons-learned processes, and mechanisms for tracking and delivering improvements.
• Deliver comprehensive documentation and handover materials to support transition into Business-as-Usual (BAU) operations.
• Provide maturity assessments and recommendations for ongoing development and optimisation.
• Define ownership models to ensure continuous improvement and long-term sustainability of cyber incident processes.

Essential:

• An active SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. (Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance.) 
• Proven experience in Cyber Incident Management and Response, ideally within a Public Sector or similarly regulated environment.
• Strong Cyber Security domain knowledge, with an understanding of SOC/CSOC operations, threat landscapes, and incident response frameworks.
• Hands-on experience designing and implementing incident management processes, playbooks, and response workflows.
• Strong stakeholder management and communication skills, with the ability to engage effectively across technical teams, leadership, and third-party providers.
• Strong analytical and organisational skills, with the ability to manage complex incidents and prioritise effectively under pressure.

Please be aware that this role can only be worked within the UK and not Overseas.

Sellafield Ltd is committed to eliminating discrimination and encouraging diversity amongst its workforce.

Disability Confident 

As a member of the Disability Confident Scheme, Sellafield guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.

Armed Forces Covenant

Sellafield guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance.