Role: Senior Cyber Operations Analyst
Location: London, Manchester, or Bristol
Salary: Competitive salary and package dependent on experience
Role Overview
Joining a fast-growing Blue Team, you will leverage advanced threat intelligence and security tooling to ensure effective incident detection and response. This is a senior technical role for a self-starter with an inquisitive nature and a deep understanding of attacker TTPs (Tactics, Techniques, and Procedures). You will act as a subject matter expert, bridging the gap between deep technical analysis and senior stakeholder consulting.
Key Responsibilities
* Detection Engineering: Develop and enhance security detection content, primarily within Splunk SIEM, across cloud, endpoint, and network platforms.
* Incident Response: Lead investigations into identified cyber security incidents and participate in tabletop exercises and alert testing.
* Strategic Improvement: Review SecOps standards to identify gaps in log ingestion and detection coverage, and opportunities for business-as-usual (BAU) optimisation.
* Mentorship: Act as a technical escalation point for junior analysts, providing guidance through active mentoring and shadowing.
* Stakeholder Management: Operate as a technical SME on client engagements, presenting complex security findings to senior stakeholders.
* Operational Monitoring: Perform alert triage and review on a rota basis (9:00 AM to 5:30 PM).
* On-Call Support: Provide approximately one week per month of on-call availability for high-priority incident response (includes additional compensation).
Additional Client-Dependent Duties
* Proactive threat hunting and tradecraft development.
* Creation and refinement of Incident Response playbooks.
* Vulnerability scanning, management, and reporting.
* Opportunities for formal management and leadership roles based on career goals.
Experience & Desirable Attributes
We are looking for candidates with experience in several of the following areas:
* Threat Intelligence: Working knowledge of the Pyramid of Pain, IPCE, and the Threat Intelligence Lifecycle.
* Technical Literacy: Proficiency in scripting/programming (e.g., Python, Bash, C++, Java).
* Security Fundamentals: Strong grasp of network security, cryptography, cloud security, and forensics.
* Attacker Mindset: Up-to-date knowledge of prevalent APTs (Advanced Persistent Threats) and an understanding of how network protocols are abused.
* OS Internals: Knowledge of common analysis techniques for Windows and/or Linux environments.
Security Clearance Requirements
This role relates to a specific client requirement. Any offer of employment is subject to satisfactory BPSS and SC security clearance. This typically requires:
* 5 years of continuous UK address history.
* No periods of 30 consecutive days or more spent outside of the UK.
* Declaration of being a British passport holder with no dual nationality at the point of application.
Benefits & Package
* Competitive Basic Salary.
* Annual Leave: 25 days vacation plus 3 extra days for charitable work.
* Healthcare: Comprehensive private medical insurance.
* On-Call Allowance: Additional compensation for incident response availability.
* Growth: Access to a community of industry-leading experts across Offensive Security, Research, and Compliance.