Lead and coordinate major cyber security incidents, direct technical investigations, and produce incident reports. Strong understanding of attack methodologies and experience with SIEM, EDR, and SOAR platforms are required. Excellent communication skills and ability to make clear decisions under pressure are essential.
Key Highlights
Key Responsibilities
Technical Skills Required
Benefits & Perks
Job Description
Job Title - Cyber security incident manager
SC cleared or eligible for clearance.
3 month rolling ( likely 1 year)
Fully remote
Key Responsibilities
Incident Response & Management
- Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats).
- Serve as primary incident commander during high?severity events.
- Oversee triage, impact assessment, containment strategies, and remediation plans.
- Ensure timely escalation and communication to leadership and relevant stakeholders.
- Maintain accurate incident logs, timelines, and evidence for audits or legal processes.
Threat Analysis & Investigation
- Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners.
- Analyse attack vectors, exploits, and root causes.
- Guide forensic activity where required, ensuring evidence integrity.
Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
Governance, Reporting & Continuous Improvement
- Produce detailed incident reports, executive summaries, and post?incident reviews.
- Track incident metrics, trends, and lessons learned to improve security posture.
- Drive improvements in incident response playbooks, processes, and tooling.
- Ensure incidents are handled in alignment with frameworks such as NIST
Stakeholder & Vendor Coordination
- Act as the key liaison during incidents with IT, Risk, Legal, Compliance, HR, Communications, and third?party partners.
- Support customer?facing communication where relevant (for MSSP or managed services environments).
- Manage relationships with external responders, MSSPs, and law enforcement as applicable.
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
Operational Readiness
- Support the development and delivery of cyber incident simulations, tabletop exercises, and readiness assessments.
- Ensure IR documentation is current, accessible, and aligned with business needs.
- Provide mentoring and support to junior analysts and incident responders.
Essential Skills & Experience
- Proven experience leading complex cyber security incidents in a mid?to?large enterprise or MSSP environment.
- Strong understanding of attack methodologies, malware behaviour, and adversary TTPs.
- Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools.
- Deep knowledge of IR frameworks:
- Ability to make clear decisions under pressure and command multi?disciplinary response teams.
- Excellent communication skills, with the ability to convey technical detail to senior leadership.
Similar Jobs
Explore other opportunities that match your interests
Alignerr
Haystack
