Rodeo
ResourcesPartnersSign in

Kroll

Associate Principal, Response Operations

United Kingdom
Posted about 1 month ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Associate Principal, Response Operations

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

Kroll’s Cyber Risk team works on over 2,000 cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we help protect our client’s data, people, operations and reputation with innovative assessments, investigations, and intelligence. We are the only company in the world with the expertise and resources to deliver global, end-to-end cyber risk management, supporting organizations through every step of their journey toward cyber resilience.

Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident response to risk assessments, and complex forensics to breach notification and ID theft remediation we help clients – of all sizes – respond with confidence.

At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll.

Day To Day RESPONSIBILITIES

We are looking for bright, motivated, and inquisitive minds to join our Kroll Responder monitoring and response team who are experienced in and passionate about modern cyber threat hunting and active response. Our Associate Principals use leading endpoint detection and response tools to rapidly identify, investigate, and respond to threats and threat actors impacting systems and networks around the globe every day.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Perform ongoing threat hunting, analysis, containment, and remediation of threats identified through advanced endpoint detection and response (EDR), endpoint prevention (EPP), SIEM, and related security tools. Collect and review relevant forensic artifacts to identify root cause and understand nature of threats. Develop and communicate written and verbal threat reports associated with events to customers. Assist in ongoing research, development, and testing of enhanced threat detection and response tools, techniques, and indicators. Support incident engagement teams with active intrusion detection and response tasks. Conduct threat research, forensic analysis, and basic malware analysis of threats. Actively participate in related client meetings and teleconferences. Assist clients with questions regarding threat detections, EDR tools, deployment, and maintenance.

Essential Traits

Bachelor’s degree or higher in Computer Science, Cyber Security, Computer Engineering, or similar technical degree. Minimum 5 years’ experience in threat hunting, detection, and response or equivalent experience. Ability to respond rapidly, multi-task, and communicate effectively both verbally and in writing with customers, team members, and engagement managers. Highly motivated, tenacious, assertive problem solver with a desire to analyze root cause and reach effective conclusions to active intrusions and incidents on an ongoing basis both individually and as part of larger response teams. Solid understanding of Windows operating system fundamentals, architecture (File System, registry, processes, binaries, DLL’s, etc.) and administration concepts. Similar understanding of MacOS and/or Linux a plus. Prior experience actively using endpoint threat detection and response (EDR) products to investigate threats such as SentinelOne, Crowdstrike Falcon, VMWare Carbon Black, Microsoft Defender for Endpoint, Cortex XDR, Trend Micro XDR, or others. Understanding of common threat actor techniques, malware behavior and persistence mechanisms. Working knowledge of various scripting languages and tools (PowerShell, Python, VB, Yara) Working knowledge of TCP/IP and related networking concepts. Prior experience using Splunk or other SIEM solutions, intrusion detection solutions, or related security products. Relevant cyber security certifications including CISSP, GCIA, GCIH, GCFA, GMON, or GREM a plus. Excellent written and verbal communication skills Availability for occasional after-hours, weekends, and/or holiday work in response to active incidents.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

In order to be considered for a position, you must formally apply via careers.kroll.com.

Kroll is committed to creating an inclusive work environment. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Threat Hunting
Incident Response
Forensic Analysis
Malware Analysis
Endpoint Detection
Security Tools
Scripting Languages
TCP/IP
Networking Concepts
Cyber Security
Communication Skills
Problem Solving
Windows Operating System
MacOS
Linux
SIEM Solutions

Location

United Kingdom

Sign up to applySee more jobs like this