Information Security Analyst | Permanent | Hybrid
* Hybrid Model: 2 days onsite
* Role Location: Central London
* Industry: Highly regulated
Job Summary
Our client, a leading global legal services firm, is seeking an Information Security Analyst to support day-to-day security operations and help strengthen the firm’s global security posture. The ideal candidate will have hands‑on SIEM and incident response experience, strong knowledge of security technologies (EDR, NDR, WAF, IDS/IPS), and a solid grasp of networking fundamentals. Familiarity with Microsoft 365, Azure Defender, and frameworks such as MITRE ATT&CK, ISO 27001, and NIST is essential. Security certifications such as CISSP, CISM, or SANS are advantageous.
Key Responsibilities
* Lead security incident identification, investigation, and remediation across the global team
* Monitor, review, and analyse security solutions, log files, and network traffic to detect and resolve threats
* Support the deployment and configuration of new security solutions and enhancements to existing controls
* Contribute to red/blue team testing, tabletop exercises, and system hardening procedures
* Act as the escalation point for security-related events raised by IT and Service Desk teams
* Maintain current knowledge of emerging threats and support the upkeep of security policies and standards
Qualifications and Requirements
* Proven hands‑on experience in an IT Security operations role with strong cyber threat awareness
* Demonstrated SIEM experience – alert triage, incident response, and use case development
* Working knowledge of security technologies: EDR, NDR, IDS/IPS, WAF, Web Proxies, Email Security, SOAR
* Good networking fundamentals and OS knowledge (Windows, Linux, Unix); scripting experience a plus
* Experience with Microsoft 365, Azure (Defender), and cloud security concepts
* Familiarity with MITRE ATT&CK and frameworks including ISO 27001, NIST, CIS CSC20, and Cyber Essentials+
* Security certifications or relevant degree desirable: CISSP, CISM, CCSP, CEH, CompTIA Security+, SC-200, AZ-500, or SANS (GCIH / GMON / GCCC)