Senior Security Analyst

Claranet

The Senior Security Analyst is a hands-on security operations role providing 24/7 operational coverage within a regulated financial services environment. You will own security incidents end-to-end, from detection through to investigation, response, and remediation coordination.

Operating within a small, senior team, you will also deliver proactive security activities including threat hunting, vulnerability management, and tooling validation—ensuring continuous improvement of the client’s security posture. 

This role operates on a 24/7 shift pattern (12-hour shifts, 4-on / 4-off including nights and weekends).

Key Responsibilities

  • Monitor and investigate alerts across Microsoft Defender, SIEM, and security tooling
  • Own security incidents end-to-end, including investigation, containment, and resolution
  • Perform deep-dive investigations using KQL and multi-source telemetry
  • Correlate data across endpoint, identity, cloud, and network environments
  • Determine threat severity and risk aligned to client and regulatory context
  • Coordinate response actions with IT, cloud, and platform teams
  • Escalate complex incidents to security engineering or leadership where required
  • Conduct vulnerability scanning and review findings (e.g. Qualys)
  • Run breach and attack simulations and exposure validation (e.g. XM Cyber, AttackIQ)
  • Perform web application scanning and triage vulnerabilities
  • Execute proactive threat hunting aligned to MITRE ATT&CK
  • Optimise detection rules and reduce false positives
  • Validate and maintain security tooling effectiveness
  • Drive remediation actions through to completion across multiple teams
  • Produce clear documentation, incident reports, and audit-ready records

Experience & Knowledge

Essential:

  • Strong experience in security operations (incident detection, investigation, response)
  • Experience working with Microsoft Defender XDR and security tooling
  • Experience with SIEM platforms (ideally Microsoft Sentinel, KQL querying)
  • Strong understanding of threat detection, incident response, and root cause analysis
  • Experience in regulated environments (e.g. financial services)
  • Knowledge of networking, operating systems (Windows/Linux), and security fundamentals
  • Strong analytical and problem-solving skills with ability to work independently
  • Experience collaborating with cross-functional technical teams

Desirable:

  • Experience with vulnerability management tools (e.g. Qualys)
  • Experience with attack simulation and exposure tools (AttackIQ, XM Cyber)
  • Knowledge of threat intelligence and malware analysis
  • Awareness of security frameworks (MITRE ATT&CK, NIST, ISO 27001)
  • Basic scripting knowledge (PowerShell, Python, Bash)