Senior Cyber Incident Response Specialist

Job Title:
Senior Cyber Incident Response Coordinator

Contract Type:
Permanent

Location:
Alderley Park OR Edinburgh OR Glasgow

Working style:
Hybrid 50% home/office based

Closing date: 29th June 2026

This role will assure the response to a cybersecurity event or incident, taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service.

The role will co‑coordinate the activities between Defence, Threat Intelligence, SOC, and Engineering and be the point of contact for IT Security within the Royal London Group incident management process. Additionally, the role will mentor the current Cyber Incident Response team at analyst and specialist level.

The team purpose is to minimise and control the damage resulting from cybersecurity incidents, ensuring that the appropriate incident management and response controls are in place and operating as required to enable the identification, protection, detection, response, and recovery of RLG information assets.

• Creation and maintenance of RLG incident response plan and procedure.
• Undertake confidential and sensitive colleague investigations.
• Provide root cause analysis, create metrics to create reports and analytics to improve future incident response.
• Collect supporting information and/or relevant artifacts in support of incident response activities.
• Conduct technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents.
• Document the findings of cyber threats, subsequent remediation, and recovery in an effective and consistent manner.
• Execute the Incident Response Lifecycle and coordinate remediation activities throughout the organization and its lines of business as a part of Cyber Incident Response handling.
• Present incident, improvements and features to senior management.

Recent & relevant experience within an incident response role:

• Understand threat analysis / threat modelling.
• Experience with endpoints/EDR in an MDR.
• Experience of managing complex and challenging Cyber Security or Service Incidents.
• Understanding of common cybersecurity threats and terminology including but not limited to phishing, malware, and data compliance.
• Ability to create structured reports on cybersecurity incidents.
• Proficient project management, organisation, and communication skills.
• Self‑motivated, innovative, and willingness to learn.

Benefits: 28 days annual leave in addition to bank holidays, up to 14% employer matching pension scheme, and private medical insurance.

We're an inclusive employer. We celebrate and value different backgrounds and cultures across Royal London. Our diverse people and perspectives give us a range of skills which are recognised and respected, whatever their background.