Incident Response Analyst

Incident Response Analyst

Department: Incident Response

Employment Type: Permanent - Full Time

Location: London

Reporting To: Connor Rowden

Description

CFC Response is the cybersecurity arm of CFC, and we are a unique collaborative team of incident responders, business resumption engineers, and cybersecurity specialists whose sole responsibility it is to protect, recover, and mature the more than 80,000 CFC insurance policyholders. In order to remain at the front of this exciting market it is critical that we continue to innovate with our products and service offerings. As a result, we are looking to recruit a Analyst to join our Incident Response team, joining a team of leading IR industry professionals who are responding to complex cyber incidents, at scale and across the globe. 

Key Responsibilities

This is a technical Incident Response role whose primary focus will be on data scoping and collection, investigation of the root cause, scope and data impact of a cyber incident and the verbal and written reporting of findings to respective insured/clients. 

• Scope and perform data collection for Business Email Compromises (BECs) investigations.
• Perform investigations for BECs determining the root cause and data impacted. 
• Provide BEC containment and eradication advice to insured/clients. 
• Present BEC investigation findings to insured/clients and answer relevant technical questions that may arise.  
• Author comprehensive investigation reports detailing the timeline of an incident from root cause to data impact. 
• Align findings and recommendations to the MITRE ATT&CK framework. 
• Identify and compile Indicators of Compromise following an investigation. 
• Ascertain through analysis of phishing emails and website the root cause of an incident and how existing security controls were bypassed.
• Support the Incident Response team in wider investigation and data collection support. 
• Foster good relationships with clients, policyholders, brokers, underwriters and capacity providers, and drive excellent customer service.
  

Skills, Knowledge and Expertise

This role is ideal for someone with a passion for cyber, looking for an entry level role where they can learn and develop their skillset to become a specialist within the cyber Incident Response field. We are ideally looking for someone that has completed a degree or certifications with a focus on a technical area (e.g. Computer Science, Information Security, Cyber Security ect.) and is keen to kick start their career with a growing company. 
You'll be be joining a group of technical experts who tackle cyber threats day-in-day-out and share their laser focus on customer service product excellence. You will have experience with log analysis and an understanding of common cyber-attacks with strong investigational skills. Programming experience in Python, PowerShell, BASH or similar scripting languages and working knowledge of the Microsoft 365 platform would be beneficial. 

Core Values

Love what you do:
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.
Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.
Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.