Job Closed

This listing is no longer active.

DFIR Analyst

Incident Response Analyst | Security Analyst | Full Time | Remote | Mid Level | Team 1,001-5,000 | H1B No Sponsor

Location

India

Posted

46 days ago

Salary

0

Seniority

Mid Level

Job Description

DFIR Analyst

Infios

If you are looking for a meaningful career where people work and act with passion, rethink the existing and always strive to find the best solution - you have come to the right place. We develop future technologies to relentlessly make supply chains better. We are a leader in supply chain software solutions, helping organizations streamline operations, reduce costs, and improve efficiency.

Job Summary:

If you’re looking for meaningful work where passionate people challenge the status quo and strive for the best solutions, you’re in the right place. At Infios, we build future‑driven technologies that simplify supply chain complexity — together. We are seeking a highly skilled DFIR Analyst to join our Cybersecurity Incident Response Team (CSIRT). In this role, you will detect, analyze, and respond to P1–P4 cybersecurity incidents across a global environment. Reporting to the CSIRT Manager and CISO, you will help shape and strengthen Infios’ Cybersecurity and Incident Response capabilities in a fast‑paced, evolving threat landscape.

What a day in the life of a DFIR Analyst looks like:

- Continuously monitor, triage, and respond to P1–P4 cybersecurity events, including BEC, endpoint, network, and SaaS/cloud incidents.
- Lead major investigations and serve as the Incident Handler/Commander for high‑severity incidents.
- Act as the central coordinator for cybersecurity events, ensuring rapid containment, clear communication, and effective remediation.
- Independently drive technical improvements and lead security-focused projects within the CSIRT.
- Collaborate closely with internal business units and our managed SOC to investigate incidents, mature processes, and enhance defensive capabilities.
- Participate regularly in training, tabletop exercises, and continuous improvement initiatives to elevate the team’s performance.

On-Call Requirements:

This position includes on‑call rotation responsibilities to support urgent security incidents outside standard business hours. Expect occasional evenings, weekends, and holidays to ensure 24/7 CSIRT coverage and protection of Infios systems and data.

What you bring to the team:

- Subject Matter Expertise: Hands‑on experience with modern security tools, DFIR methodologies, and threat investigation best practices. Familiarity with applying AI or ML‑assisted security tooling, detection tuning, enrichment, or automation is a strong plus.
- Leadership and Ownership Skills: Demonstrated ability to lead complex investigations and guide teams through high‑impact security events.
- Communication Excellence: Strong written and verbal communication skills, with the ability to produce clear, concise, and actionable reports for both technical and non‑technical audiences.
- Analytical Strength: Ability to diagnose issues, interpret diverse security data sources, and manage multiple priorities under pressure.
- Cross Functional Collaboration: Proven capability to work across teams and disciplines to drive incident response and improve security operations.
- Organizational Skills: Strong organization, documentation habits, and a continuous improvement mindset.

Why join us?

At Infios, we're not just looking for employees; we're looking for partners in innovation, growth, and purpose. Meeting you where you are to create the future you need is at the core of who we are and what we do. Whether you're at the beginning of your career or a seasoned expert, we meet you on your journey, equipping you with the tools and opportunities to build the future you envision. Together, we will relentlessly work toward one common goal - making supply chains better. We believe the future is better when supply chains work better.

We are an equal-opportunity employer and committed to inclusion in the workplace. At Infios, we believe that inclusion is a fundamental cornerstone of our success. We are committed to creating a safe and welcoming environment where every individual’s unique experiences and perspectives are valued—whether they look, think, move, believe, or love differently. All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, national origin, sex, sexual orientation, gender identity, marital status, pregnancy, religion, age, disability, veteran status, genetic information, or any other characteristic protected by law. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this role. If you require assistance or accommodation due to a disability during the recruiting process, please let us know at jobs@infios.com.

Disclaimer: This job advertisement is not designed to cover a comprehensive listing of all duties or responsibilities that are required for this job. Please note that any salary information is a general guideline only. Individual compensation will be determined by various factors such as the scope and responsibilities of the position, experience, education, skills, location, and market and business considerations. Applications must be submitted via our career site.

Related Job Pages

More Incident Response Analyst Jobs

Senior Cyber Incident Responder

Location: Remote
Department: Cyber

Job Description:

SENIOR CYBER INCIDENT RESPONDER

Salary: £55,000 to £65,000 depending on experience
Location: Remote (Hybrid)

The Role

Due to our continued growth, we are looking for an experienced Senior Cyber Incident Responder to add to the CYFOR Secure team. The ideal candidate will have at least 5 years' experience responding to and investigating a range of cyber incidents and demonstrate in-depth knowledge of common cyber incident types and threat actor methodologies. You'll have a deep technical knowledge of incident response, digital forensics, M365, cloud environments and investigations processes, along with excellent client facing skills and a can-do attitude. You'll also be able to demonstrate flexibility, commitment and integrity.

This role is primarily focused on incident response investigations, but you will also be required to support and backfill remote and onsite business recovery activities, security assessments and tabletop exercises when required.

In return, you'll receive a salary commensurate with experience; plus training, overtime and excellent career prospects. You'll enjoy a varied and highly fulfilling role, working with great colleagues in a fantastic atmosphere. This is a unique opportunity to join a highly successful business that truly focuses on its main asset, its team members.

Security Clearance

Please note that this role will require NPPV3 clearance in addition to National security clearance to SC level. Applicants MUST have been continuously resident in the United Kingdom for the last 5 years. If you do not hold an active SC clearance, please familiarise yourself with the vetting process before applying.

Main Responsibilities

- Perform high-tempo emergency incident response engagements for clients, leading and supporting technical containment, eradication and recovery actions including credential resets, host isolation, network quarantine, EDR deployment, persistence removal and validation of clean-state restoration.
- Conduct host, network and cloud-focused forensic investigations to determine initial access, root cause, attack path, lateral movement, privilege escalation, persistence mechanisms, command-and-control activity and the scope of data or systems impacted.
- Acquire, preserve and analyse forensic evidence from endpoints, servers, virtual machines and enterprise infrastructure using forensically sound methodologies, ensuring evidential integrity and defensible investigative outcomes.
- Investigate artefacts across server logs, firewall logs, proxy logs, VPN logs, intrusion detection and prevention alerts, authentication records, EDR telemetry, cloud audit logs and packet or traffic data to reconstruct attacker activity and identify affected accounts, hosts and datasets.
- Perform malware triage, reverse engineering and behavioural analysis to determine malware capability, execution flow, persistence, communications patterns, credential theft activity, data staging or exfiltration risk, and to produce actionable indicators of compromise and detection opportunities.
- Fuse frontline threat intelligence, open-source research and adversary TTP analysis into live investigations to enrich hypotheses, accelerate scoping, attribute likely threat activity where appropriate, and strengthen detection and containment decisions.
- Apply structured, hypothesis-led investigative methodology under pressure, maintaining calm judgement, technical accuracy and clear prioritisation during complex, high-impact and time-sensitive incidents.
- Produce high-quality technical deliverables including evidence-based investigation reports, attack timelines, executive summaries, indicators of compromise, remediation recommendations and client-ready findings suitable for technical, leadership and third-party stakeholder audiences.
- Deliver regular, concise and high-quality updates throughout engagements, clearly communicating current findings, investigative direction, risk, client actions, containment status and next steps to both technical teams and senior stakeholders.
- Support and advise clients through remediation, recovery and rebuild activities including system reimaging, Active Directory hardening or rebuilds, control improvement, network segmentation, patching, validation of eradication and post-incident security uplift.
- Use forensic triage, live response and targeted acquisition techniques to rapidly identify patient zero, prioritise critical systems, reduce unnecessary full-disk imaging and scale investigations efficiently across large enterprise environments.
- Support the delivery of compromise assessments, threat hunting, security assessments, incident preparedness activities and tabletop exercises to improve client readiness before, during and after security incidents.
- Travel at short notice when required to provide on-site incident response, forensic acquisition, crisis support and recovery assistance for business-critical client environments.
- Collaborate closely with incident response, threat intelligence, malware analysis, detection engineering, red team, SOC and infrastructure stakeholders to ensure investigations are intelligence-led, technically rigorous and operationally effective.
- Contribute to the continuous improvement and promotion of DFIR services by feeding back lessons learned from engagements, developing new capabilities, refining methodologies and supporting go-to-market initiatives.
- Actively share knowledge across the organisation by delivering internal training, mentoring team members, contributing to playbooks, and improving collective investigative capability and technical depth.
- Represent the organisation externally through thought leadership activities including conference speaking, client briefings, technical blog writing and community engagement, helping to strengthen brand credibility and industry presence.
- Capture and operationalise insights from incidents into reusable intelligence, detection content, tooling improvements and best practices, ensuring knowledge is retained and scaled across future engagements.

Skills and Experience

- Minimum 5 years' experience in cyber incident response and digital forensics.
- Experience collecting forensic evidence from compromised systems.
- Experience investigating cyber incidents to understand malicious activity.
- Proven understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
- Comprehensive knowledge of incident handling, threat hunting and threat intelligence.
- Ability to correlate events from various sources to create incident timelines.
- Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.
- Experience with Linux/Unix systems as a digital forensics tool, including command-line evidence acquisition and analysis.
- Knowledge of Windows server infrastructure; including Active Directory, Domain Controllers, and Exchange Servers.
- Excellent client facing skills, with the ability to communicate at all levels, adapting the style of communication to meet the needs of the audience.
- An excellent attitude and the willingness to learn and study for certifications.
- Ability to effectively plan and coordinate projects.
- Excellent written and verbal communication skills.
- An investigative mindset with a high level of attention to detail.
- Demonstrate a flexible approach to work and a high level of self-motivation.
- Ability to exercise discretion and confidentiality.

Desirable Skills

- Previous exposure to enterprise scale infrastructure and technology stacks.
- Appropriate incident response certifications (e.g., CREST Intrusion Analyst or Incident Manager).
- Experience deploying and monitoring endpoint protection (e.g. SentinelOne) across a variety of systems during incident response.
- Experience with network connected devices such as firewalls, VPNs and switches.
- Experience with backup systems, including Veeam.
- Experience with virtualization systems, including VMware and Hyper-V.
- Experience with proactive security tools including vulnerability scanning and security auditing.
- Experience with security certifications such as Cyber Essentials, Cyber Assurance and ISO27001.
- Experience automating tasks using PowerShell and other relevant command line interfaces.

Benefits

- Flexible working
- Company EV Scheme
- Company pension scheme (3% employer contribution)
- 24 Days annual holiday plus Bank holidays
- Extra day's holiday for your birthday
- Annual holiday loyalty bonus (increasing to 30 days after 3 years)
- MediCash Cashplan
- Life Assurance (Death in Service)
- Annual Media Subscriptions (from a choice of Netflix HD, Amazon Prime, etc)
- Loyalty bonuses: 3 years - £300, 5 years - £500, 10 years - £1,000
- Multiple free social events throughout the year, including a CYFOR Family Day

United Kingdom
$55K - $65K / year

Incident Intake Coordinator

Merakey

Merakey is a non-profit provider of developmental, behavioral health, and education services. More than 8,000 employees provide support to nearly 40,000 individuals and families throughout 12 states across the country each year.

Role Description

We are seeking an Incident Intake Coordinator to join our team!

Location: Remote Position, but must be in PA.

Schedule:

- Monday & Tuesday evening
- Saturday 12pm-8pm
- Sunday 12pm-8pm

Rate: $18-$31/hr - Based on Experience

Responsibilities:

- Receive incident notifications via phone, text, or automated reporting system
- Conduct immediate intake interviews to gather essential details (who, what, when, where, immediate actions, health and safety status)
- Ensure incidents are properly categorized
- Create initial incident records in EIM (for PA) or the appropriate state required system
- Timestamp all calls and entries
- Forward incidents requiring investigation to the appropriate PQI Coordinator and Investigator in QCO
- Escalate safety risks or events requiring immediate intervention to leadership in real time
- Route non-urgent reports for follow up and entry into Avatar
- Track all incidents from intake through assignment, investigation closure, and finalization in EIM
- Provide clear supportive guidance to callers
- Collaborate with PQI Directors to ensure accurate and timely information exchange
- Maintain accurate logs of all incidents calls and follow up actions
- Participate in incident management dashboard updates

Qualifications

- Must have experience with operating EIM (PA)
- 1-3 years of IDD experience
- Knowledge of other state EIMS a plus
- Proficient in Microsoft Office Suite
- Smartsheet experience
- HS Diploma Required

Benefits

- Comprehensive medical, dental, and vision coverage, plus access to healthcare advocacy support
- Retirement plan -- both pre-tax and Roth (after-tax) options available for employee contributions
- DailyPay -- access your pay when you need it!
- On the Goga well-being platform, featuring self-care tools and resources
- Access Care.com for backup childcare, elder care, and household services
- Confidential counseling, legal, and financial services through our Employee Assistance Program (EAP)
- Tuition reimbursement and educational partnerships
- Employee discounts and savings programs on entertainment, travel, and lifestyle
- Access to Pryor Online Learning for free online personal development classes

Company Description

Merakey is a non-profit provider of developmental, behavioral health, and education services. More than 8,000 employees provide support to nearly 40,000 individuals and families throughout 12 states across the country each year.

Merakey strictly follows a zero-tolerance policy for abuse.

Merakey is proud to be an Equal Opportunity Employer! We deeply value diversity and do not discriminate on the basis of race, religion, color, national origin, ethnic background, sex, gender, gender identity, sexual orientation, age, marital status, veteran status, genetic information, or disability status. Moreover, we are committed to creating teams that reflect the diversity of the communities we serve and encourage applicants from underrepresented backgrounds to apply. Merakey welcomes all Veterans to apply!

United States + 9 more
All locations: United States | United Kingdom | Canada | Germany | France | India | Brazil | Australia | Estonia | Japan
$18 - $31 / hour
Job Closed

Critical Incident Investigator I- Remote (Must be located in PA)

UPMC

UPMC is an Equal Opportunity Employer/Disability/Veteran.

Full Time | Remote | Team 10,001

UPMC Health Plan is hiring a full-time Critical Incident Investigator to help support the UPMC Community HealthChoices Quality Improvement Department for its downtown Pittsburgh location at the US Steel Tower. This is a Monday through Friday daylight position. This is a remote position, but candidates must be located near Pittsburgh, PA.

Community Health Choices will impact more than 400,000 people statewide who are dually eligible for Medicare and Medicaid or receive Medicaid funded long-term services and supports (LTSS). Through Community HealthChoices (CHC), we coordinate physical health care and LTSS to enhance the quality of life and independence for frail seniors and adults with disabilities in home and community-based environments as well as in institutional settings.

The successful candidate will report, track, and manage critical incidents for Community HealthChoices (CHC) participants. This position will ensure critical incidents are responded to thoroughly, effectively, and timely and work closely with Complaints & Grievances, service coordinators, quality improvement coordinators, and other staff in the health plan to investigate incidents, trends, Quality of Care concerns, and ensure all parties required are contacted within specified timelines. Incident Reporting data will be collected and analyzed for quality measures, timeliness of response, and effective resolution.

Responsibilities:

- Monitor and manage multiple electronic intake queues to ensure timely and accurate critical incident reporting.
- Report, monitor, and update incident-related information in electronic systems in compliance with Pennsylvania Office of Long-Term Living requirements.
- Review reports and supporting documentation for completeness, accuracy, and required data elements related to long-term services and supports.
- Collect, organize, and verify information from providers, service coordinators, and other sources to support accurate recordkeeping.
- Review medical records, service plans, assessments, and related documents to ensure data is properly recorded and maintained.
- Manage a high-volume caseload of approximately 200–250 open incidents once fully onboarded, prioritizing tasks to meet accuracy, timeliness, and documentation standards.
- Maintain detailed, up-to-date electronic case records by documenting activities and outcomes in a timely manner.
- Prepare clear and concise incident summaries and data reports for management review, both written and verbal, as requested.
- Identify data discrepancies or documentation gaps and route them appropriately in accordance with organizational policies.
- Adhere to system-wide standards, procedures, and productivity expectations.
- Perform additional administrative and data-related duties as assigned.
- Bachelor's degree in Human Services, Criminal Justice, or Social Work preferred; or Associate degree and 2 years of related work experience in investigations, criminal justice, service coordination, or long-term services and supports at an administrative level.
- Knowledge of commercial, Medicaid, Medicare products, managed care principles, and home and community-based services preferred.
- Competent in MS Word, Outlook, Excel, web-based healthcare applications. Strong organizational, interpersonal, and verbal and written communication skills.
- Ability to successfully meet deadlines and manage multiple priorities in a fast-paced environment.
- Strong critical thinking, judgment, and problem-solving skills.

Licensure, Certifications, and Clearances:

- Act 34

UPMC is an Equal Opportunity Employer/Disability/Veteran

United States
Job Closed
Full Time | Remote | Team 1,001-5,000

A company built to serve you. It's your career, Shelter it!

Catastrophe Response Team- Traveling Storm Adjuster

$23.27- $32.59 minimum starting pay

Job Level: Individual Contributor

Shelter maintains broad salary ranges for its roles in order to account for variations in geographic location, education, training, skills, relevant work experience, business needs and market demands. Please remember that this is the minimum starting base pay only and does not consider other components that make up the total rewards package for the position.

This is a position where the adjuster works from home, living in and servicing the Collinsville, IL area. Some travel will be required to assist in our regional area as needs arise. Home office equipment and company vehicle provided.

What You Will Be Doing:

The Catastrophe Response Team Adjuster will investigate, analyze, evaluate, and settle insurance claims involving auto damage losses. Specialize in adjusting property claims requiring physical inspection and requires extensive travel to a variety of geographic locations. Determine value of a claim and negotiates settlements. Involved in handling of complex property losses requiring expertise in fraud detection and prevention.

Due to the duties and responsibilities of this position, a Credit Bureau Report, Motor Vehicle Report, and Criminal Background Check may be ordered on final candidates.

What We're Looking For:

- Requires excellent analytical, organizational, and decision-making skills.
- Superior skills in investigation, organization, negotiation, communication, documentation, and customer service are required.
- Must be physically able to travel long distances and lift/move/climb ladders.
- Must be able to work outside in all temperatures and inspect property physically and visually.
- Must be able to travel overnight as job requires.
- Ability to maintain schedules and deadlines and work well with others.
- Must possess a valid driver's license supported by a good driving history.
- Requires minimal supervision and ability to work independently.
- Ability to perform the essential functions of the position, with or without reasonable accommodation.

Shelter's uncompromising commitment to excellence doesn't stop with our customers. We recognize our employees are what make us a premier organization in the insurance industry. Shelter Employees enjoy such benefits as:

- Health, Dental, Voluntary Vision and Prescription Drug Insurance
- Savings and Profit Sharing 401(k)
- Paid Time Off for Sick and Personal Leave, Vacation and Holidays
- Vitality Wellness Program
- "Dress for Your Day" Dress Code
- Flexible Scheduling
- And much more!

If interested, please apply by: 04/22/2026

United States
$23 - $33 / hour