Negotiable
Undetermined
Remote
United Kingdom
Summary: The Cyber Security Incident Manager role involves leading and coordinating responses to major cyber security incidents, such as ransomware and data breaches, within a fully remote setting. The position requires expertise in NIST frameworks and technologies like SIEM, EDR, and SOAR, along with the ability to manage high-pressure situations effectively. The ideal candidate will have proven experience in incident management and the necessary security clearance. This role offers a competitive day rate and the potential for contract extension.
Key Responsibilities:
- Lead and coordinate major cyber security incidents as the primary Incident Commander.
- Direct technical investigations with SOC analysts and Threat Intelligence teams.
- Oversee triage, containment, and remediation strategies while ensuring forensic evidence integrity.
- Develop IR playbooks and execute cyber incident simulations.
- Act as a liaison between IT, Legal, Compliance, and external partners.
Key Skills:
- Proven experience in leading complex cyber security incidents.
- Deep technical proficiency with SIEM, EDR, SOAR, and Threat Intelligence platforms.
- Strong command of Incident Response frameworks, specifically NIST and ISO.
- Active SC Clearance or eligibility for the clearance process.
- Exceptional communication skills for managing multi-disciplinary teams.
Salary (Rate): undetermined
City: undetermined
Country: United Kingdom
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Cyber security incident manager
We're working with a leading global workforce solutions agency that connects top-tier talent with enterprise-scale security projects on this opportunity. Are you a battle-tested Incident Commander ready to lead the response to sophisticated cyber threats? We are looking for a high-calibre professional to orchestrate major response efforts aligned with NIST frameworks, drawing on deep expertise in SIEM, EDR, and SOAR technologies to protect critical infrastructure. This is a high-impact, fully remote role requiring SC Clearance eligibility and the ability to thrive under pressure.
The Role
- Lead and coordinate major cyber security incidents including ransomware, data breaches, and insider threats as the primary Incident Commander.
- Direct technical investigations in collaboration with SOC analysts and Threat Intelligence teams to analyze attack vectors and adversary TTPs.
- Oversee triage, containment, and remediation strategies while ensuring the integrity of forensic evidence and detailed incident logs.
- Drive operational readiness by developing IR playbooks and executing complex tabletop exercises and cyber incident simulations.
- Act as a key liaison between IT, Legal, Compliance, and external partners, translating technical forensic data into executive-level summaries.
What You'll Need
- Proven experience leading complex cyber security incidents within a mid-to-large enterprise or MSSP environment.
- Deep technical proficiency with SIEM, EDR, SOAR, and Threat Intelligence platforms (TIP) for root cause analysis.
- Strong command of Incident Response frameworks, specifically NIST and ISO, to guide governance and post-incident reviews.
- Active SC Clearance (Security Check) or the immediate eligibility to undergo the clearance process.
- Exceptional communication skills with the ability to command multi-disciplinary response teams and manage high-pressure stakeholder environments.
What's On Offer
- Competitive day rate on a 3-month rolling contract with high likelihood of extension to 12 months.
- Full flexibility with 100% remote working, allowing for a great work-life balance.
- The opportunity to work on high-stakes, enterprise-level security incidents for a global market leader.
Apply via Haystack today!