Associate Security Analyst
Location: London (Hybrid – 60% onsite per week)
Contract Type: 3 months (potential for extension)
Organisation: Our client, a leading UK Government Department
Clearance Required: Security Check (SC)
Start Date: ASAP
About the Role
Our client is seeking an experienced Associate Security Analyst to join their Cyber Defence team. This is a hands-on role where you will investigate and respond to cyber security incidents that could impact critical systems and services across the UK.
You will play a key part in identifying threats, supporting incident response, and helping to continually improve the organisation’s cyber defence capabilities. The role also involves mentoring apprentice analysts and joining an out-of-hours on-call rota to ensure 24/7 coverage of potential cyber incidents.
Key Responsibilities
* Investigate and triage cyber security alerts and user reports.
* Analyse systems, files, network traffic, and cloud environments to determine the extent of incidents.
* Support technical responses to incidents, including containment, eradication, and recovery.
* Contribute to post-incident reviews and develop lessons learned.
* Create and improve incident response playbooks and knowledge base articles.
* Work closely with wider Cyber Defence functions to strengthen security operations.
* Act as an escalation point for apprentice security analysts, providing coaching, mentoring, and line management.
What We’re Looking For
* 2–3 years’ experience investigating and responding to cyber incidents.
* Hands-on use of SIEM tools (Splunk preferred, Microsoft Sentinel or equivalent acceptable).
* Experience with EDR solutions to support incident investigation.
* Understanding of threat actor tools, techniques, and procedures (TTPs).
* Strong analytical and problem-solving skills.
* Excellent written and verbal communication skills.
Desirable skills:
* Advanced Splunk experience or certification.
* Experience in Agile environments.
* Familiarity with cloud environments such as AWS.
Interview Process
The interview will be conducted via Microsoft Teams and will consist of:
1. A short competency-based discussion.
2. A practical Splunk exercise to investigate a simulated cybersecurity scenario.
3. A short technical quiz covering general cybersecurity knowledge.
Why Join?
This is a unique opportunity to contribute to protecting vital government services in a high-profile environment. You’ll be part of a collaborative Cyber Defence team, gain exposure to advanced security tooling, and play an important role in shaping and improving cyber incident response capabilities