Security Analyst, Incident Response

RBC Global Security Incident Response team seeks an experienced Security Analyst. This role is key within the Global Security Operations Centre (GSOC), providing technical expertise and leadership support to proactive and reactive cyber‑threat responses. The analyst reports to the Senior Manager, Incident Response and works with a team of 4‑6 specialists. The role serves as the focal point for GSOC management regarding security incidents and supports local and extended team members dealing with critical incidents impacting RBC users, systems, infrastructure, and resources.

RBC expects all employees and contractors to work in the office with some flexibility to work up to 1 day per week remotely, depending on working arrangements.

• Global accountability to respond to critical security incidents/events with accurate and timely reporting to Global Cyber Security Leadership.
• Provide 24/7/365 support for security incidents impacting mission‑critical business and IT infrastructure, including supporting global incident management and response, remediation and reporting.
• Support and maintain communication with the Computer Security Incident Response Team (CSIRT) extended members, ensuring timely communication to all stakeholders regarding incident response activities.
• Provide post‑mortem reporting for leadership detailing security vulnerabilities, technology gaps, shortcomings or miscellaneous security issues.
• Work with threat intelligence, Security Operations Centre and extended teams to ensure global compliance with RBC standards for security incidents and related findings.
• Drive resolution of security incidents in a timely and effective manner.
• Collaborate with the Cybersecurity Command Centre technical analysts, specialists and management to detail and report on the status and resolution of critical incidents.
• Execute incident response actions and engage with business/technical stakeholders.

• Bachelor’s degree in computer science and/or IT related disciplines and certifications in information security preferred (CISSP, GCIA, GCIH, GREM, CEH).
• Demonstrated experience performing investigation activities for security‑related events in a complex Incident Management or Security Operations Center environment.
• Thorough understanding of Security Information and Incident Management methodologies.
• Proven experience in a SOC environment.
• Exposure to malware and sandbox analysis.
• Robust computer networking and OS knowledge.

• Experience with SOAR platforms.
• Familiarity with threat hunting techniques and scenarios.
• Knowledge in detection engineering.
• Understanding of current threat landscape and threat‑actor TTPs.
• Experience with scripting languages (PowerShell, Python, regex, Bash, etc.).
• Industry‑recognized certifications from ISC2, SANS, ISACA, etc.

We thrive on the challenge to be our best – progressive thinking to grow and deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference, and achieving mutual success.

• Help develop the ethos and environment of a new team.
• Leaders who support your development through coaching and management opportunities.
• Opportunities to work with the best in the field.
• Ability to make a difference and lasting impact.
• Work in a dynamic, collaborative, progressive, and high‑performing team.

RBC Group does not accept agency resumes. Please do not forward resumes to our employees or other company locations. RBC Group only pays fees to agencies where a prior agreement exists and never pays fees for unsolicited resumes. Please contact the Recruitment function for additional details.

Business Perspective, Critical Thinking, Decision Making, Detail‑Oriented, Forensic Computing, Group Problem Solving, Information Security Operation Center (ISOC), IT Incident Management, Security Information and Event Management (SIEM), Threat Management.

Address: 100 BISHOPSGATE: LONDON

City: London

Country: United Kingdom

Work hours/week: 35

Employment Type: Full time

Platform: TECHNOLOGY AND OPERATIONS

Job Type: Regular

Pay Type: Salaried

Posted Date: 2025‑10‑16

Application Deadline: 2025‑12‑07 (applications accepted until 11:59 PM on the day prior to the deadline)

At RBC, we believe an inclusive workplace with diverse perspectives is core to our growth. We maintain a workplace where employees feel supported to perform at their best, collaborate, innovate, and grow professionally, fostering respect, belonging and opportunity for all.

Stay in‑the‑know about career opportunities at RBC. Sign up to receive customized information on jobs, career tips, and recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well‑being of our clients and communities at jobs.rbc.com.