Cyber Incident Response Analyst

Job Title: Cyber Incident Response Analyst 

Contract Type: Full time Permanent 

Location: Edinburgh / Glasgow / Alderley Park / London 

Working style: Hybrid 50% home/office based 

Closing date: 19th June 2025 

This role will assure the response to a cybersecurity event or incident, taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. The role will co-ordinate the activities between Defence, Threat Intelligence, SOC and Engineering and be the point of contact for IT Security within the Royal London Group incident management process. The team purpose is to minimise and control the damage resulting from cybersecurity incidents, ensuring that the appropriate incident management and response controls are in place and operating as required in order to enable the identification, protection, detection, response and recovery of RLG information assets.  

It outlines how the role contributes to our purpose: 

• Helping build financial resilience 

• Moving fairly to a sustainable world 

• Strengthening the mutual choice for customers 

About the role 

• Creation and maintenance of RLG incident response plan and procedure 

• Undertake Confidential and sensitive colleague investigations  

• Develop and mature the Incident Response policy, process and procedures  

• Provide root cause analysis, create metrics to create reports and analytics to improve future incident response 

• Collect supporting information and/or relevant artifacts in support of incident response activities 

• Identify and execute projects that improve our intrusion detection and incident response capabilities 

• Conduct technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents  

• Leverage tools from RLG cybersecurity software to identify and remediate threats 

• Executes the Incident Response Lifecycle and coordinates remediation activities throughout the organization and its lines of business as a part of Cyber Incident Response handling 

• Recommends solutions to optimize both technical and process/procedure aspects of the end-to-end incident lifecycle 

• Presenting Incident, improvements, and features to senior management  

• Provides training and mentoring of team members 

About you 

• Minimum of 2 years in an incident response or Forensic role 

• Understand threat analysis / threat modelling 

• Experience with endpoints/EDR in an MDR 

• Experience of managing complex and challenging Cyber Security or Service Incidents  

• Ability to identify patterns, anomalies, and issues that span multiple vectors 

• Understanding of common cybersecurity threats and terminology including but not limited to phishing, malware, and data compliance 

• Ability to create structured reports on cybersecurity incidents 

• Proficient project management, organization, and communication skills 

• Self-motivated, innovative, and willingness to learn 

• Forensic investigation knowledge 

• MSP/MSSP/MDR experience preferred 

About Royal London  

We’re the UK’s largest mutual life, pensions and investment company, offering protection, long-term savings and asset management products and services.    

Our People Promise to our colleagues is that we will all work somewhere inclusive, responsible, enjoyable and fulfilling. This is underpinned by our Spirit of Royal London values; Empowered, Trustworthy, Collaborate, Achieve.  

We've always been proud to reward employees by offering great workplace benefits such as 28 days annual leave in addition to bank holidays, an up to 14% employer matching pension scheme and private medical insurance. You can see all our benefits here - Our Benefits   

Inclusion, diversity and belonging  

We’re an Inclusive employer. We celebrate and value different backgrounds and cultures across Royal London. Our diverse people and perspectives give us a range of skills which are recognised and respected – whatever their background.