The Senior Security Analyst is a hands-on security operations role providing 24/7 operational coverage within a regulated financial services environment. You will own security incidents end-to-end, from detection through to investigation, response, and remediation coordination. Operating within a small, senior team, you will also deliver proactive security activities including threat hunting, vulnerability management, and tooling validation, ensuring continuous improvement of the client's security posture.

This role operates on a 24/7 shift pattern (12-hour shifts, 4-on / 4-off, including nights and weekends).

Key Responsibilities

* Monitor and investigate alerts across Microsoft Defender, SIEM, and security tooling
* Own security incidents end-to-end, including investigation, containment, and resolution
* Perform deep-dive investigations using KQL and multi-source telemetry
* Correlate data across endpoint, identity, cloud, and network environments
* Determine threat severity and risk aligned to client and regulatory context
* Coordinate response actions with IT, cloud, and platform teams
* Escalate complex incidents to security engineering or leadership where required
* Conduct vulnerability scanning and review findings (e.g. Qualys)
* Run breach and attack simulations and exposure validation (e.g. XM Cyber, AttackIQ)
* Perform web application scanning and triage vulnerabilities
* Execute proactive threat hunting aligned to MITRE ATT&CK
* Optimise detection rules and reduce false positives
* Validate and maintain security tooling effectiveness
* Drive remediation actions through to completion across multiple teams
* Produce clear documentation, incident reports, and audit-ready records

Experience & Knowledge

Essential:

* Strong experience in security operations (incident detection, investigation, response)
* Experience working with Microsoft Defender XDR and security tooling
* Experience with SIEM platforms (ideally Microsoft Sentinel, KQL querying)
* Strong understanding of threat detection, incident response, and root cause analysis
* Experience in regulated environments (e.g. financial services)
* Knowledge of networking, operating systems (Windows/Linux), and security fundamentals
* Strong analytical and problem-solving skills with the ability to work independently
* Experience collaborating with cross-functional technical teams

Desirable:

* Experience with vulnerability management tools (e.g. Qualys)
* Experience with attack simulation and exposure tools (AttackIQ, XM Cyber)
* Knowledge of threat intelligence and malware analysis
* Awareness of security frameworks (MITRE ATT&CK, NIST, ISO 27001)
* Basic scripting knowledge (PowerShell, Python, Bash)