We are seeking an experienced Senior Cyber Security Analyst to play a leading role within a Cyber Defence team responsible for threat intelligence, threat detection, incident response, and vulnerability management across a large and complex environment. This role is focused on incident response, providing leadership during cyber events, driving technical investigations, and coaching junior analysts.

This position requires a highly skilled cyber professional with experience managing significant security incidents in large organisations, strong analytical skills, and expertise with tools such as Splunk and EDR solutions.

Key Responsibilities

As a Senior Cyber Security Analyst, you will:

Incident Response & Investigation

* Lead investigations into security alerts to determine the nature, scope, and impact of cyber incidents.
* Conduct forensic analysis of systems, files, logs, network traffic, and cloud environments.
* Direct containment, eradication, and recovery activities, coordinating technical teams where required.
* Support wider incident coordination and ensure effective communication across stakeholders.
* Review past incidents to identify lessons learned and implement improvements.

Capability Development

* Identify opportunities to enhance incident response processes, tooling, automation, and playbooks.
* Work closely with other Cyber Defence functions to strengthen overall cyber capability.
* Develop and maintain internal documentation such as plans, playbooks, and knowledge base articles.

Leadership & Support

* Act as an escalation point for complex incidents and technical queries.
* Provide coaching, mentoring, and line management to junior security analysts.
* Participate in the out-of-hours on-call rota to support 24/7 incident response operations.

Essential Experience & Skills

* 5 years’ experience investigating and responding to cyber incidents within large organisations.
* Strong hands-on experience with SIEM (especially Splunk) and EDR technologies.
* Proven experience coordinating and managing cyber incident response activities.
* Excellent analytical and problem-solving abilities.
* Strong verbal and written communication skills.
* Deep understanding of threat actor tools, techniques, and procedures (TTPs).
* Experience guiding and developing junior cybersecurity staff.

Desirable Experience

* Practical experience using Splunk in real-world investigative scenarios.
* Experience working in an Agile environment.
* Familiarity with cloud technologies such as AWS.

Additional Details

* Interview Process: 1 stage (Teams)
  1. 20 min: Competency-based interview
  2. 20 min: Practical Splunk investigation exercise with screen sharing
  3. 10 min: Online technical cybersecurity quiz