Summary: The Cyber Security Incident Manager role involves leading and coordinating responses to major cyber security incidents, such as ransomware and data breaches, within a fully remote setting. The position requires expertise in NIST frameworks and technologies like SIEM, EDR, and SOAR, along with SC Clearance eligibility. The successful candidate will act as the primary Incident Commander, overseeing investigations and ensuring operational readiness through the development of incident response playbooks. This high-impact role demands exceptional communication skills and the ability to manage multi-disciplinary teams under pressure.
Key Responsibilities:
- Lead and coordinate major cyber security incidents as the primary Incident Commander.
- Direct technical investigations in collaboration with SOC analysts and Threat Intelligence teams.
- Oversee triage, containment, and remediation strategies while ensuring forensic evidence integrity.
- Drive operational readiness by developing IR playbooks and executing cyber incident simulations.
- Act as a liaison between IT, Legal, Compliance, and external partners, translating technical data into executive summaries.
Key Skills:
- Proven experience leading complex cyber security incidents in a mid-to-large enterprise or MSSP environment.
- Deep technical proficiency with SIEM, EDR, SOAR, and Threat Intelligence platforms.
- Strong command of Incident Response frameworks, specifically NIST and ISO.
- Active SC Clearance or eligibility to undergo the clearance process.
- Exceptional communication skills for managing multi-disciplinary response teams.
Salary (Rate): undetermined
City: undetermined
Country: United Kingdom
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Cyber security incident manager
We're working with a leading global workforce solutions agency connecting top-tier talent with enterprise-scale security projects on this exciting opportunity. Are you a battle-tested Incident Commander ready to lead the charge against sophisticated cyber threats? We are looking for a high-caliber professional to orchestrate major response efforts across NIST frameworks, leveraging deep expertise in SIEM, EDR, and SOAR technologies to protect critical infrastructure. This is a high-impact, fully remote role requiring SC Clearance eligibility and the ability to thrive under pressure.
The Role
- Lead and coordinate major cyber security incidents including ransomware, data breaches, and insider threats as the primary Incident Commander.
- Direct technical investigations in collaboration with SOC analysts and Threat Intelligence teams to analyze attack vectors and adversary TTPs.
- Oversee triage, containment, and remediation strategies while ensuring the integrity of forensic evidence and detailed incident logs.
- Drive operational readiness by developing IR playbooks and executing complex tabletop exercises and cyber incident simulations.
- Act as a key liaison between IT, Legal, Compliance, and external partners, translating technical forensic data into executive-level summaries.
What You'll Need
- Proven experience leading complex cyber security incidents within a mid-to-large enterprise or MSSP environment.
- Deep technical proficiency with SIEM, EDR, SOAR, and Threat Intelligence platforms (TIP) for root cause analysis.
- Strong command of Incident Response frameworks, specifically NIST and ISO, to guide governance and post-incident reviews.
- Active SC Clearance (Security Check) or the immediate eligibility to undergo the clearance process.
- Exceptional communication skills with the ability to command multi-disciplinary response teams and manage high-pressure stakeholder environments.
What's On Offer
- Competitive day rate on a 3-month rolling contract with high likelihood of extension to 12 months.
- Full flexibility with 100% remote working, allowing for a great work-life balance.
- The opportunity to work on high-stakes, enterprise-level security incidents for a global market leader.