The Client Based in London my client are a prestigious Professional services organisation boasting a workplace with cutting edge people that is moving with the modern ways working. Named as one of the leading professional services organisations places to work for 3 times in a row, the work environment attracts a seasoned professional who wants to be part of the best of breed. Job Overview We are seeking a Senior Cyber Security analyst who will be responsible for managing and investigating cyber incidents, ensuring that incidents are handled from beginning to end and are properly contained and remediated. You will work closely with suppliers and internal IT teams to scope and run penetration tests, scan for and fix vulnerabilities across the network, and implement security improvements across the estate. You will also mentor and support junior members of the team. Responsibilities Manage and respond to cyber security incidents from initial triage through to close down. Work with Major Incident Management teams and Head of Cyber Security to manage and investigate serious incidents as required. Document incidents clearly and report upwards as required. Investigate incidents using a range of tooling such as endpoint analysis via Microsoft Defender, use of SIEM products, log analysis and malware analysis. Operate the firm's Vulnerability Scanning solution, manage the resolution of vulnerabilities across various teams, and provide reports and metrics as required. Research and incorporate relevant threat intelligence during the incident investigation and in written and verbal reports. Maintain current tooling and best practise knowledge in relation to attacker tactics and techniques, response processes, containment and remediation of incidents. Track cyber threat actors/campaigns based off technical analysis and open source intelligence. Scope and provide oversight and management of penetration testing / red teaming activities. Drive improvements in the cyber security team's functions and capabilities improving incident handling, tooling, general skills and knowledge etc. Perform threat hunting activities across the network, including designing and running threat hunts. Mentor and support more junior analysts. Liaise with Architecture, IT Operations, Network Security and IT Risk to implement security enhancements and during incidents. Manage and respond to incidents. Work with teams across the business to successfully resolve incidents including business teams, IT teams, and suppliers. Report metrics relating to incidents, vulnerability scans and other relevant areas as required. Input into strategy and direction for the team as a whole. Run vulnerability scans as required (shared across the team) Support / manage scoping of supplier work such as penetration tests, build or network security reviews and oversee delivery of this work. Manage projects / ongoing tasks these will be varied but will be aligned to your role such as managing a project to roll out a new security tool or a set of improvements to our detection capabilities. Mentor and guide junior staff as required. Drive improvements across the security function for example improving our playbooks, defining new threat hunting processes, training up other staff in areas you are highly skilled in, recommend improvements to the Head of Cyber Security. Your experience so far 3 years of hands on cyber incident response experience with proven capability and experience of investigating, managing and remediating cyber security incidents. Knowledge of data breaches, ransomware, fraud and other types of serious incident. Knowledge of current and emerging advanced cyber threats, attack and evasion techniques, command and control infrastructures and insider threat behaviour. Experience in escalating and articulating security concepts to senior, technical and non-technical audiences. Strong organisational, communication and project management skills. Strong Azure / M365 cloud knowledge and experience as well as on-premise IT experience. Usage of investigation tools such as malware sandboxes, SIEMs, log analysis tooling, network traffic analysis, endpoint analysis (event logs, files, processes). Experience with vulnerability scanning and management tooling and interpretation of results. Experience working in a team-oriented, collaborative environment. Windows operating systems Experience with standard on-premise security products such as firewalls, proxies, endpoint solutions. Desirable experience includes: Management of complex and major incidents such as data breaches and ransomware. Threat modelling and use case development and the MITRE ATT&CK framework to guide detection rulesets, threat hunting and investigations. Team / people management and mentoring Development of SIEM use cases and rulesets (knowledge of what is possible/practical, implementation experience not essential). Project management experience. Documentation of security processes, designs, project plans