Cyber Incident Response Analyst

Job Title: Cyber Incident Response Analyst

Contract Type: Full-time Permanent

Location: Edinburgh / Glasgow / Alderley Park / London

Working style: Hybrid 50% home/office based

Closing date: 20th August 2025

This role will oversee the response to cybersecurity events or incidents, leading efforts to contain threats to Royal London and supporting remediation activities to stabilize services. The analyst will coordinate activities between Defence, Threat Intelligence, SOC, and Engineering, serving as the primary contact for IT Security within the incident management process. The team aims to minimize damage from cybersecurity incidents by ensuring effective incident management and response controls, facilitating the identification, protection, detection, response, and recovery of RLG information assets.

Our purpose contributions include:

• Helping build financial resilience
• Moving towards a sustainable world
• Strengthening mutual choice for customers

About the role

• Creation and maintenance of RLG incident response plan and procedures
• Conduct confidential and sensitive colleague investigations
• Develop and improve incident response policies, processes, and procedures
• Provide root cause analysis, generate metrics, and create reports to enhance future responses
• Gather supporting information and artifacts for incident response activities
• Identify and execute projects to enhance intrusion detection and incident response capabilities
• Perform technical analysis on impacted systems to assess impact, scope, and recovery from cyber incidents
• Utilize RLG cybersecurity tools to identify and remediate threats
• Lead the Incident Response Lifecycle and coordinate remediation activities organization-wide
• Recommend solutions to optimize technical and procedural aspects of incident management
• Present incidents, improvements, and features to senior management
• Provide training and mentorship to team members

About you

• Minimum 2 years in incident response or forensic roles
• Understanding of threat analysis and threat modeling
• Experience with endpoints/EDR in an MDR environment
• Experience managing complex cybersecurity or service incidents
• Ability to identify patterns, anomalies, and issues across multiple vectors
• Knowledge of common cybersecurity threats and terminology (phishing, malware, data compliance)
• Ability to create structured cybersecurity incident reports
• Strong project management, organizational, and communication skills
• Self-motivated, innovative, and eager to learn
• Forensic investigation knowledge
• Experience with MSP/MSSP/MDR preferred

About Royal London

We are the UK's largest mutual life, pensions, and investment company, offering protection, long-term savings, and asset management products and services. Our People Promise emphasizes an inclusive, responsible, enjoyable, and fulfilling workplace, underpinned by our Spirit of Royal London values: Empowered, Trustworthy, Collaborate, Achieve.

We offer great benefits, including 28 days of annual leave plus bank holidays, up to 14% employer matching pension scheme, and private medical insurance. Details of our benefits can be found here.

Inclusion, diversity, and belonging

We are an inclusive employer that values diverse backgrounds and cultures. Our diverse perspectives enhance our skills and innovation, and we celebrate this across Royal London.

#J-18808-Ljbffr