Cyber Incident Response Analyst

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

Date: 7 Aug 2025

Location: Edinburgh, GB

Company: Royal London Group

Job Title: Cyber Incident Response Analyst

Contract Type: Full time Permanent

Locations: Edinburgh / Glasgow / Alderley Park / London

Working style: Hybrid 50% home/office based

Closing date: 20th August 2025

This role will assure the response to a cybersecurity event or incident, taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. The role will coordinate activities between Defence, Threat Intelligence, SOC, and Engineering, and be the point of contact for IT Security within the Royal London Group incident management process. The team's purpose is to minimise and control damage resulting from cybersecurity incidents, ensuring that the appropriate incident management and response controls are in place and operating as required to enable the identification, protection, detection, response, and recovery of RLG information assets.

It outlines how the role contributes to our purpose:

• Helping build financial resilience
• Moving fairly to a sustainable world
• Strengthening the mutual choice for customers

About the role

• Creation and maintenance of RLG incident response plan and procedures
• Undertake confidential and sensitive colleague investigations
• Develop and mature the Incident Response policy, process, and procedures
• Provide root cause analysis, create metrics, and generate reports and analytics to improve future incident response
• Collect supporting information and relevant artifacts in support of incident response activities
• Identify and execute projects to improve intrusion detection and incident response capabilities
• Conduct technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents
• Leverage cybersecurity tools to identify and remediate threats
• Execute the Incident Response Lifecycle and coordinate remediation activities across the organization
• Recommend solutions to optimize technical and procedural aspects of the incident lifecycle
• Present incidents, improvements, and features to senior management
• Provide training and mentoring to team members

About you

• Minimum of 2 years in an incident response or forensic role
• Understanding of threat analysis and threat modeling
• Experience with endpoints/EDR in an MDR environment
• Experience managing complex cybersecurity or service incidents
• Ability to identify patterns, anomalies, issues across multiple vectors
• Understanding of cybersecurity threats and terminology, including phishing, malware, and data compliance
• Ability to create structured reports on cybersecurity incidents
• Proficient in project management, organization, and communication skills
• Self-motivated, innovative, and eager to learn
• Knowledge of forensic investigations
• Experience with MSP/MSSP/MDR preferred

About Royal London

We're the UK's largest mutual life, pensions, and investment company, offering protection, long-term savings, and asset management products and services.

Our People Promise is to create an inclusive, responsible, enjoyable, and fulfilling workplace, underpinned by our Spirit of Royal London values: Empowered, Trustworthy, Collaborate, Achieve.

We offer benefits such as 28 days annual leave plus bank holidays, up to 14% employer matching pension scheme, and private medical insurance. See all our benefits here - Our Benefits.

Inclusion, diversity, and belonging

We're an inclusive employer, valuing diverse backgrounds and cultures. Our diverse perspectives enhance our skills and are recognized and respected, regardless of background.