Senior Incident Response Analyst
WFA Digital Insight
The demand for skilled cybersecurity professionals has surged in recent years, with a reported 35% increase in job postings in 2025 alone. As companies continue to navigate the complexities of the digital landscape, the need for experts in incident response and digital forensics has become paramount. Coalition, a pioneering Active Insurance provider, is at the forefront of this movement, and their Senior Incident Response Analyst role is an exciting opportunity for seasoned professionals to make a tangible impact. With the rise of remote work, companies are looking for candidates with strong technical skills, excellent communication abilities, and the capacity to work effectively in fast-paced, high-stress environments. Before applying, candidates should be aware that this role requires substantial hands-on experience in digital forensics and incident response, as well as the ability to work collaboratively with cross-functional teams.
Job Description
About the Role
The Senior Incident Response Analyst position at Coalition is a critical component of the company's efforts to protect businesses from digital risk. In this role, you will be responsible for leading digital forensics and incident response investigations, working closely with policyholders to manage and mitigate the impact of cyberattacks. This is a unique opportunity to join a remote-first company that is pushing the boundaries of what it means to be an insurance provider, and to be part of a team that is dedicated to making a real difference in the lives of businesses and individuals.
As a Senior Incident Response Analyst, you will be working as part of a dynamic team that is passionate about cybersecurity and dedicated to delivering exceptional results. You will have the opportunity to work on a wide range of cases, from business email compromise to ransomware attacks, and to develop and implement effective incident response strategies that help businesses recover quickly and minimize downtime.
Coalition is committed to creating a supportive and inclusive work environment that allows employees to thrive and grow. With a strong focus on remote work, the company offers a range of benefits and perks that are designed to support employees' physical and mental well-being, from 100% medical coverage to mental health wellness programs.
What You Will Do
- Lead digital forensics and incident response investigations from initial scoping through recovery, reporting, and case closure
- Analyze cloud, email, endpoint, network, and web artifacts to reconstruct attacker activity and determine scope and impact
- Produce clear forensic reports and present findings to insureds, counsel, brokers, and internal stakeholders
- Coordinate response efforts with cross-functional partners, including CIR, Claims, MDR, security engineering, and external vendors
- Improve CIR UK playbooks, operating procedures, and proactive services such as tabletop exercises
- Support follow-the-sun response coverage by contributing to North American and Australian cases during UK business hours
- Develop and maintain strong relationships with key stakeholders, including policyholders, brokers, and external partners
- Stay up to date with the latest threats, technologies, and techniques in the field of incident response and digital forensics
- Participate in the development of incident response plans and procedures, and contribute to the continuous improvement of the incident response process
- Collaborate with internal stakeholders to identify areas for improvement and implement changes to enhance the overall effectiveness of the incident response process
What We Are Looking For
- Substantial hands-on experience in digital forensics and incident response, with a strong track record of leading investigations and managing incident response efforts
- Strong technical skills, including experience with Windows and Linux forensics, cloud-based attack activity, and network logs and telemetry
- Excellent communication and interpersonal skills, with the ability to work effectively with both technical and non-technical stakeholders
- Experience working in a fast-paced, high-stress environment, with the ability to prioritize tasks and manage multiple cases simultaneously
- Strong analytical and problem-solving skills, with the ability to analyze complex data sets and develop effective incident response strategies
- Experience working with cross-functional teams, including CIR, Claims, MDR, security engineering, and external vendors
- Strong understanding of cybersecurity principles and practices, including threat intelligence, vulnerability management, and incident response
- Experience with scripting or automation to improve forensic workflows and operational efficiency
- Familiarity with UK privacy or regulatory considerations and how they affect incident response decision-making
Nice to Have
- Experience with macOS forensics
- Experience with website forensics, especially WordPress or similar platforms
- Familiarity with forensic investigations in AWS, Google Cloud, or other major cloud environments
- Experience with incident response in a cloud-based environment
- Certification in a relevant field, such as CompTIA Security+ or CISSP
Benefits and Perks
- 100% medical coverage, including outpatient care
- Life insurance
- 25+ paid holidays
- Annual home office stipend
- 7% employer pension contribution
- Mental and physical health wellness programs, including Headspace and Wellhub
- Competitive compensation and opportunity for advancement
- Remote work environment with flexible working hours
- Opportunities for professional development and growth
- Access to the latest tools and technologies in the field of incident response and digital forensics
How to Stand Out
- Develop a strong understanding of the latest threats and technologies in the field of incident response and digital forensics, and stay up to date with industry developments and trends.
- Build a professional network of contacts in the field, and participate in online communities and forums to stay informed and share knowledge.
- Create a portfolio of your work, including examples of your incident response and digital forensics experience, and be prepared to present this to potential employers.
- Practice your communication and interpersonal skills, and be prepared to work effectively with both technical and non-technical stakeholders.
- Consider obtaining certification in a relevant field, such as CompTIA Security+ or CISSP, to demonstrate your expertise and commitment to the field.
- Be prepared to work in a fast-paced, high-stress environment, and prioritize your tasks and manage your time effectively to meet deadlines and deliver results.
- Research the company and the role thoroughly, and be prepared to ask informed questions during the interview process.
This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.