Cyber Incident Response Analyst

Job Title: Cyber Incident Response Analyst

Contract Type: Full time Permanent

Location: Edinburgh / Glasgow / Alderley Park / London

Working style: Hybrid 50% home/office based

Closing date: 20th August 2025

This role will assure the response to a cybersecurity event or incident, taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. The role will coordinate activities between Defence, Threat Intelligence, SOC, and Engineering, serving as the point of contact for IT Security within the Royal London Group incident management process. The team aims to minimise and control damage from cybersecurity incidents, ensuring incident management and response controls are in place to enable identification, protection, detection, response, and recovery of RLG information assets.

• Helping build financial resilience
• Moving fairly to a sustainable world
• Strengthening the mutual choice for customers

• Create and maintain RLG incident response plan and procedures
• Undertake confidential and sensitive colleague investigations
• Develop and mature incident response policies, processes, and procedures
• Provide root cause analysis and create metrics for reports and analytics to improve incident response
• Collect supporting information and artifacts for incident response activities
• Identify and execute projects to enhance intrusion detection and incident response capabilities
• Conduct technical analysis on impacted systems to determine impact, scope, and recovery from cyber incidents
• Leverage cybersecurity tools to identify and remediate threats
• Execute the Incident Response Lifecycle and coordinate remediation activities across the organization
• Recommend solutions to optimize technical and procedural aspects of the incident lifecycle
• Present incident reports, improvements, and features to senior management
• Provide training and mentoring to team members

• Minimum of 2 years in incident response or forensic roles
• Understanding of threat analysis and threat modeling
• Experience with endpoints/EDR in MDR environments
• Experience managing complex cybersecurity or service incidents
• Ability to identify patterns and anomalies across multiple vectors
• Knowledge of cybersecurity threats like phishing, malware, and data compliance
• Ability to produce structured reports on cybersecurity incidents
• Proficient in project management, organization, and communication
• Self-motivated, innovative, and eager to learn
• Forensic investigation knowledge
• Experience with MSP/MSSP/MDR preferred

We’re the UK’s largest mutual life, pensions, and investment company, offering protection, long-term savings, and asset management products and services. Our People Promise is to work in an inclusive, responsible, enjoyable, and fulfilling environment, underpinned by our Spirit of Royal London values: Empowered, Trustworthy, Collaborate, Achieve.

We offer great benefits including 28 days annual leave plus bank holidays, up to 14% employer matching pension scheme, and private medical insurance. Details of all benefits can be found here - Our Benefits.

We’re an inclusive employer, valuing diverse backgrounds and cultures. Our diverse perspectives enhance our skills and are recognized and respected across the organization.