Cyber Security Incident Responder

We are looking for a highly skilled Cyber Security Incident Responder to coordinate our response efforts on cyber security incidents, from detection to resolution. It’s an exciting time to join Admiral’s Security Operations as we are a fast growing, dynamic function with a wide range of tooling and expertise available to support the role. You will be responsible for the overall response to cyber incidents with a focus on driving actions, root cause analysis and lessons learnt. Whilst excellent communication and stakeholder management skills will play an important part of the role, an understanding of Digital Forensic principles and the curiosity to learn from the Digital Forensics and Incident Response (DFIR) analysts in the team is highly desired.

You’ll be reporting directly to the Head of DFIR but as an expert in your field, are encouraged to proactively engage and work with wider teams across the business to reduce risk and improve our security posture. Leading the coordination of cyber security incidents, you will guide and support others in applying cyber best practice ensuring continuous improvement in both security posture and risk mitigation.  You will need to be able to work under pressure in a fast-paced environment. There are opportunities to get involved and drive other exciting team objectives such as tooling integration, training/simulation delivery, problem management and the overall strategy of Admiral’s DFIR capability.

We are offering this as a remote role and encourage our employees to manage their time in line with our flexible working policy, to ensure optimal work-life balance for everyone at Admiral.

Main Duties

• Lead and coordinate cyber security incidents while implementing cyber best practice in line with industry standards (SANS, NIST)
• Collaborate with technical and cross functional teams such as cyber security, privacy, legal, fraud and risk management
• Bring expertise to ensure all lines of inquiry are exhausted and effective root cause analysis is performed
• Conduct post incident reviews to improve our security posture and mitigate risk for the business
• Guide and support the DFIR analysts conducting technical analysis during incidents and investigations
• Develop and maintain incident response plans, playbooks and procedures
• Drive incident and post incident activities effectively to ensure our response and remediation actions are carried out within specified timeframes
• Act as the primary point of contact for cyber incidents while issuing timely communications to stakeholders and thorough documentation of our incident response
• Mentor and coach others as a recognised leader in your field
• Provide training and awareness to your peers through DFIR’s incident response training and attack simulations
• Continuous improvement of our processes, tooling, strategy and cyber governance

Key Skills, Qualifications and Experience

Essential:

• Experience working in technical role within cyber security, incident response or digital forensics for at least 3 years
• Great communication skills – written and verbal
• Stakeholder management from technical and cross functional teams to senior directors
• Strong problem solving, analytical and decision-making skills with a keen sense for detail
• Proactive and curious mind set to exhaust all lines of enquiry and identify potential risks to the business
• Experience working in large organisations, able to build long lasting business relationships and operate well within a team
• Strong understanding of cyber security frameworks (NIST, SANs, Mitre Att&ck, ISO 27001)
• Proactive and highly organised

Desirable:

• Information Technology, Computer Science or relevant bachelor’s degree
• Experience handling complex cyber incidents for a large organisation
• Knowledge of malware and digital forensics techniques and procedures
• Ability to perform technical incident response activities such as log analysis
• Experience working in the Financial Services industry

Admiral: Where You Can

We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We’re committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.

Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.

We’re proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We’re fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics.

Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits here.

#LI-KG1