Associate Security Analyst Location: London (Hybrid – 60% onsite per week) Contract Type: 3 months (potential for extension) Organisation: Our client, a leading UK Government Department Clearance Required: Security Check (SC) Start Date: ASAP About the Role Our client is seeking an experienced Associate Security Analyst to join their Cyber Defence team. This is a hands-on role where you will investigate and respond to cyber security incidents that could impact critical systems and services across the UK. You will play a key part in identifying threats, supporting incident response, and helping to continually improve the organisation’s cyber defence capabilities. The role also involves mentoring apprentice analysts and joining an out-of-hours on-call rota to ensure 24/7 coverage of potential cyber incidents. Key Responsibilities * Investigate and triage cyber security alerts and user reports. * Analyse systems, files, network traffic, and cloud environments to determine the extent of incidents. * Support technical responses to incidents, including containment, eradication, and recovery. * Contribute to post-incident reviews and develop lessons learned. * Create and improve incident response playbooks and knowledge base articles. * Work closely with wider Cyber Defence functions to strengthen security operations. * Act as an escalation point for apprentice security analysts, providing coaching, mentoring, and line management. What We’re Looking For * 2–3 years’ experience investigating and responding to cyber incidents. * Hands-on use of SIEM tools (Splunk preferred, Microsoft Sentinel or equivalent acceptable). * Experience with EDR solutions to support incident investigation. * Understanding of threat actor tools, techniques, and procedures (TTPs). * Strong analytical and problem-solving skills. * Excellent written and verbal communication skills. Desirable skills: * Advanced Splunk experience or certification. * Experience in Agile environments. * Familiarity with cloud environments such as AWS. Interview Process The interview will be conducted via Microsoft Teams and will consist of: 1. A short competency-based discussion. 2. A practical Splunk exercise to investigate a simulated cybersecurity scenario. 3. A short technical quiz covering general cybersecurity knowledge. Why Join? This is a unique opportunity to contribute to protecting vital government services in a high-profile environment. You’ll be part of a collaborative Cyber Defence team, gain exposure to advanced security tooling, and play an important role in shaping and improving cyber incident response capabilities