Cyber security incident manager

Posted 4 days ago by ManpowerGroup

Negotiable
Undetermined
Remote
England, United Kingdom

Summary: The Cyber Security Incident Manager is responsible for leading and coordinating major cyber security incidents, serving as the primary incident commander during high-severity events. This role involves overseeing incident response activities, conducting threat analysis, and ensuring effective communication with stakeholders. The position also focuses on governance, reporting, and continuous improvement of incident response processes. The role is fully remote and requires SC clearance or eligibility for clearance.

Key Responsibilities:

  • Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats).
  • Serve as primary incident commander during high-severity events.
  • Oversee triage, impact assessment, containment strategies, and remediation plans.
  • Ensure timely escalation and communication to leadership and relevant stakeholders.
  • Maintain accurate incident logs, timelines, and evidence for audits or legal processes.
  • Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners.
  • Analyse attack vectors, exploits, and root causes.
  • Guide forensic activity where required, ensuring evidence integrity.
  • Produce detailed incident reports, executive summaries, and post-incident reviews.
  • Track incident metrics, trends, and lessons learned to improve security posture.
  • Drive improvements in incident response playbooks, processes, and tooling.
  • Act as the key liaison during incidents with IT, Risk, Legal, Compliance, HR, Communications, and third-party partners.
  • Support customer-facing communication where relevant (for MSSP or managed services environments).
  • Manage relationships with external responders, MSSPs, and law enforcement as applicable.
  • Support the development and delivery of cyber incident simulations, tabletop exercises, and readiness assessments.
  • Ensure IR documentation is current, accessible, and aligned with business needs.
  • Provide mentoring and support to junior analysts and incident responders.

Key Skills:

  • Proven experience leading complex cyber security incidents in a mid-to-large enterprise or MSSP environment.
  • Strong understanding of attack methodologies, malware behaviour, and adversary TTPs.
  • Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools.
  • Deep knowledge of IR frameworks.
  • Ability to make clear decisions under pressure and command multi-disciplinary response teams.
  • Excellent communication skills, with the ability to convey technical detail to senior leadership.

Salary (Rate): undetermined

City: undetermined

Country: United Kingdom

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Job Title - Cyber security incident manager. SC cleared or eligible for clearance. 3 month rolling (likely 1 year). Fully remote.

Key Responsibilities

  • Incident Response & Management
      • Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats).
      • Serve as primary incident commander during high-severity events.
      • Oversee triage, impact assessment, containment strategies, and remediation plans.
      • Ensure timely escalation and communication to leadership and relevant stakeholders.
      • Maintain accurate incident logs, timelines, and evidence for audits or legal processes.
  • Threat Analysis & Investigation
      • Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners.
      • Analyse attack vectors, exploits, and root causes.
      • Guide forensic activity where required, ensuring evidence integrity.
  • Governance, Reporting & Continuous Improvement
      • Produce detailed incident reports, executive summaries, and post-incident reviews.
      • Track incident metrics, trends, and lessons learned to improve security posture.
      • Drive improvements in incident response playbooks, processes, and tooling.
      • Ensure incidents are handled in alignment with frameworks such as NIST.
  • Stakeholder & Vendor Coordination
      • Act as the key liaison during incidents with IT, Risk, Legal, Compliance, HR, Communications, and third-party partners.
      • Support customer-facing communication where relevant (for MSSP or managed services environments).
      • Manage relationships with external responders, MSSPs, and law enforcement as applicable.
  • Operational Readiness
      • Support the development and delivery of cyber incident simulations, tabletop exercises, and readiness assessments.
      • Ensure IR documentation is current, accessible, and aligned with business needs.
      • Provide mentoring and support to junior analysts and incident responders.

Essential Skills & Experience

  • Proven experience leading complex cyber security incidents in a mid-to-large enterprise or MSSP environment.
  • Strong understanding of attack methodologies, malware behaviour, and adversary TTPs.
  • Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools.
  • Deep knowledge of IR frameworks:
  • Ability to make clear decisions under pressure and command multi-disciplinary response teams.
  • Excellent communication skills, with the ability to convey technical detail to senior leadership.