Incident Response Consultant

Department: Incident Response

Employment Type: Permanent - Full Time

Location: UK - London

Reporting To: Connor Rowden

At CFC Response you will be part of a unique collaborative team of incident responders, business resumption engineers, and cybersecurity specialists whose sole responsibility it is to protect, recover, and mature the more than 80,000 CFC Underwriting insurance policyholders. You will be joining a group of technical experts who tackle cyber threats day‑in‑day‑out, at scale, for a myriad of clients ranging from small businesses with minimal in‑house capabilities, right through to large complex corporations with a full stack. You will never be bored, you will always be learning, and you will have fun doing it.

This is a technical incident response role whose primary focus will be on data scoping and collection, investigation of the root cause, scope and data impact of a cyber incident and the verbal and written reporting of findings to respective insured/clients. As part of this undertaking, you will be joining a team of leading IR industry professionals who are responding to complex cyber incidents, at scale and across the globe. Furthermore, you will be supported by a wider team of experts.

You’ll lead the charge in collecting and analysing data, uncovering root causes, and identifying the scope of data exposure. Your insights will directly shape containment and eradication strategies for clients, and you’ll have the opportunity to present your findings with confidence, answering technical questions and guiding stakeholders through the incident lifecycle. From authoring detailed investigation reports aligned to the MITRE ATT&CK framework to compiling Indicators of Compromise, your work will be critical in helping clients understand and recover from complex threats.

Beyond technical excellence, this role is about building trust and delivering exceptional service. You’ll collaborate closely with clients, policyholders, brokers, underwriters, and capacity providers‑fostering strong relationships and championing the values that define CFC’s culture. Whether you’re analysing phishing emails and bypassed security controls or supporting the wider incident response team, your contributions will reflect integrity, accuracy, and quality. If you’re passionate about cybersecurity and thrive in a fast‑paced, client‑focused environment, this is your chance to be part of something truly meaningful.

• Demonstrable understanding of common cyber‑attacks.
• Programming experience in Python, PowerShell, BASH or similar scripting languages.
• Working knowledge of the Microsoft 365 platform.
• Laser focus on customer service and product excellence.
• Demonstratable investigational skills.

We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.

We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.

Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.