Cyber security incident manager

Job Title - Cyber security incident manager
SC cleared or eligible for clearance.
3-month rolling (likely 1 year)
Fully remote


Key Responsibilities
Incident Response & Management

  • Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats).
  • Serve as primary incident commander during high-severity events.
  • Oversee triage, impact assessment, containment strategies, and remediation plans.
  • Ensure timely escalation and communication to leadership and relevant stakeholders.
  • Maintain accurate incident logs, timelines, and evidence for audits or legal processes.

Threat Analysis & Investigation

  • Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners.
  • Analyse attack vectors, exploits, and root causes.
  • Guide forensic activity where required, ensuring evidence integrity.

Governance, Reporting & Continuous Improvement

  • Produce detailed incident reports, executive summaries, and post-incident reviews.
  • Track incident metrics, trends, and lessons learned to improve security posture.
  • Drive improvements in incident response playbooks, processes, and tooling.
  • Ensure incidents are handled in alignment with frameworks such as NIST.

Stakeholder & Vendor Coordination

  • Act as the key liaison during incidents with IT, Risk, Legal, Compliance, HR, Communications, and third-party partners.
  • Support customer-facing communication where relevant (for MSSP or managed services environments).
  • Manage relationships with external responders, MSSPs, and law enforcement as applicable.

Operational Readiness

  • Support the development and delivery of cyber incident simulations, tabletop exercises, and readiness assessments.
  • Ensure IR documentation is current, accessible, and aligned with business needs.
  • Provide mentoring and support to junior analysts and incident responders.


Essential Skills & Experience

  • Proven experience leading complex cyber security incidents in a mid-to-large enterprise or MSSP environment.
  • Strong understanding of attack methodologies, malware behaviour, and adversary TTPs.
  • Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools.
  • Deep knowledge of IR frameworks:
  • Ability to make clear decisions under pressure and command multi-disciplinary response teams.
  • Excellent communication skills, with the ability to convey technical detail to senior leadership.

Job Details

Company: Experis
Location: Nationwide, United Kingdom
Hybrid / Remote Options
Employment Type: Contract