DFIR Consultant

Overview

On Site
Full Time

Skills

Customer Service
Insurance
Effective Communication
Teamwork
Customer Engagement
Collaboration
Innovation
Recovery
Documentation
Process Improvement
Root Cause Analysis
EnCase
Forensic Toolkit
Open Source
Network
Malware Analysis
Windows PowerShell
Bash
Python
Cost Management
Productivity
Policies and Procedures
Reporting
SAFE
People Management
Computer Science
Information Technology
CISSP
CISM
GCFA
GCIH
Cloud Security
Forensics
Amazon Web Services
Microsoft Azure
Microsoft Office
Incident Management
Digital Forensics
Cyber Security
Microsoft Windows
Linux
Cloud Computing
SIEM
PCI DSS
ISO/IEC 27001:2005
Analytical Skill
Management
Communication

Job Details

Tokio Marine HCC (TMHCC) brings 50 years of service to the specialty insurance industry, today offering over 100 products to commercial customers in 180 countries around the world. Organic growth and over 60 successful acquisitions have grown our 2022 Gross Written Premium (GWP) to $5 Billion. Our workforce has grown to 4,300 worldwide ... big, but not so big that you cannot make a difference. Our Good Company values, including integrity, empowerment, and commitment to customer service, and a culture of innovation, communication, and collaboration make TMHCC a great place to work.
TMHCC Stop Loss, a $2 Billion division within TMHCC, leads the way in providing medical stop loss insurance sold to employers. Medical Stop Loss provides an added layer of insurance protection to employers who choose to self-fund their health benefit plans. Self-funding can incur risks from catastrophic claims, and Medical Stop Loss insurance from Tokio Marine HCC is designed to protect employers from that risk.

Provides critical technical expertise in digital forensics and incident response for TMHCC insureds. Conducts forensic analysis, supports containment and recovery, and helps insureds understand the scope and impact of cyber incidents. Works closely with senior consultants and analysts. Balances investigative precision with effective communication, ensuring timely and accurate results that help clients resume operations securely. Executes investigations, supports triage and response, and documents findings. Analyzes logs, network data, and systems artifacts, working collaboratively with senior responders to resolve active incidents and prevent recurrence.

Key Responsibilities
  • Teamwork and Client Engagement
    • Collaborate with peers and senior consultants to support investigation and response activities.
    • Communicate technical findings clearly to both technical and non-technical audiences.
    • Maintain positive, professional relationships with insureds and carriers.
    • Contribute to a team culture of innovation, continuous learning, and technical excellence.
  • Incident Response Operations
    • Execute assigned tasks during all phases of cyber incident response: triage, containment, eradication, recovery, and lessons learned.
    • Perform forensic imaging, log collection, and analysis of affected systems, cloud platforms, and endpoints.
    • Support development and maintenance of incident response documentation and process improvement.
    • Assist in root-cause analysis and identification of attacker TTPs.
  • Technical Experience
    • Conduct digital forensic investigations using tools such as ELK, Axiom, EnCase, FTK, or open-source alternatives.
    • Analyze endpoint and network telemetry (Defender, SentinelOne, CrowdStrike, etc.).
    • Stay current with emerging threat actor techniques, malware variants, and forensic methodologies.
    • Script or automate forensic tasks (PowerShell, Bash, Python) when applicable.

Competencies

Planning

Follow work plans, established timelines, and predefined goals for assigned work.

Meet commitments on deadlines.

Communication

Communicate activities, results, and observations with employees and management as appropriate.

Cost Management

Identify areas for improvement in existing business practices.

Perform work thoroughly in a cost-efficient manner and at a high productivity level.

Business Controls and Policies

Comply with all corporate policies and procedures.

Report any breakdowns in controls to management.

Conduct all activities in a safe manner.

People Management

No people management responsibility.

Education

4 Year / Bachelor's Degree in Cybersecurity, Computer Science, Information Technology or related field

Certifications, Licenses, and Designations

Advanced certifications such as CISSP, CISM, GCFA, GCFE, GREM, GCIH, CFCE, or CCE are preferred.

Certifications in cloud security or forensics (AWS Security, Azure Security Engineer, Microsoft 365 Defender Expert) are advantageous.

Experience

2 years of professional experience in incident response, digital forensics, or cybersecurity operations

  • Proven track record supporting investigations in Windows, Linux, or cloud environments.
  • Knowledge of digital forensic artifacts, data preservation, and evidence handling.
  • Experience with EDR tools (Defender, SentinelOne, CrowdStrike) and SIEM technologies.
  • Understanding of frameworks such as NIST CSF, PCI DSS, ISO 27001.
  • Strong analytical, organizational, and time-management skills.
  • Excellent written and verbal communication abilities.