About

About the Role:Grade Level (for internal use):11 Cyber Incident Response AnalystThe RoleAs a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops and oversees the company's security program, ensuring S&P Global is protected from existing and emerging threats. In close partnership with Security Operations and Threat Intelligence, you will detect, analyze, and decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). This role requires a detail-oriented, critical thinker who understands how adversaries exploit systems, networks, and people-and how to respond. Experience applying threat intelligence to investigations and to improve detections is highly desirable. Primary Responsibilities Coordinate and triage response to cybersecurity events and conduct forensic analysis across endpoints, networks, cloud, and SaaS.Integrate threat intelligence into investigations (e.g., enrich IOCs, map activity to MITRE ATT&CK, identify likely threat actors/TTPs, and assess potential impact).Understand the threat landscape through collaboration with industry peers, FS-ISAC, trust groups, and commercial/open-source intelligence, translating insights into actionable recommendations.Develop, maintain, and operationalize Incident Response playbooks and SOPs; include PIRs (Priority Intelligence Requirements), collection plans, and feedback loops to refine detections.Work closely with the SOC to investigate incidents and deliver containment, remediation, and root cause analysis; produce high-quality intel-informed incident r