Senior Incident Response Analyst

TL;DR

Senior Incident Response Analyst (DFIR): Lead digital forensics and incident response investigations for policyholders facing cyber incidents like business email compromise, ransomware, data theft, and web compromise with an accent on analyzing cloud, email, endpoint, network, and web artifacts. Focus on reconstructing attacker activity, producing forensic reports, coordinating cross-functional responses, and improving UK playbooks and procedures.

Location: Any location, United Kingdom

Company

World's first Active Insurance provider combining comprehensive insurance coverage and innovative cybersecurity tools to help businesses prevent digital risks.

What you will do

• Lead digital forensics and incident response investigations from scoping through recovery, reporting, and closure.
• Analyze cloud, email, endpoint, network, and web artifacts to reconstruct attacker activity and assess impact.
• Produce forensic reports and present findings to insureds, counsel, brokers, and stakeholders.
• Coordinate with CIR, Claims, MDR, security engineering, and external vendors.
• Improve UK playbooks, procedures, and proactive services like tabletop exercises.
• Support follow-the-sun coverage for North American and Australian cases during UK hours.

Requirements

• Substantial hands-on DFIR experience leading investigations independently.
• Strong Windows and Linux forensics skills for evidence collection and analysis.
• Deep experience with Microsoft 365, email compromise, and cloud-based attacks.
• Ability to analyze logs and telemetry from networks, EDR, and security tools.
• Clear communication with technical and non-technical audiences under pressure.
• Effective collaboration across teams, stakeholders, counsel, vendors, and customers.

Nice to have

• macOS forensics experience.
• Website forensics, especially WordPress.
• Forensic investigations in AWS, Google Cloud.
• UK privacy/regulatory knowledge.
• Scripting/automation for forensic workflows.

Culture & Benefits

• Remote-first, inclusive culture focused on responsibility, ownership, and protecting businesses from digital risk.
• 100% medical coverage including outpatient care, life insurance, 7% employer pension contribution.
• 25+ paid holidays, annual home office stipend.
• Mental and physical wellness programs like Headspace, Wellhub.
• Competitive compensation and advancement opportunities.