Job ID:
Location: Birmingham : Trinity Park : Bi
Position Category: Technology
Position Type: Employee Regular
Cyber Security Analyst
We’re looking for a Cyber Security Analyst who’s excited about the future of AI‑assisted defence and wants to be part of an internal Security Operations team. You’ll join a progressive Information Security function, reporting directly to the Information Security Manager, and take a hands‑on role in monitoring and responding to threats across our networks, servers, endpoints, and cloud environments.
At LRQA, our philosophy is built around an offensive security mindset—understanding attacker behaviour, anticipating their moves, and using automation and AI‑powered insights to stay ahead. As part of our growing team, you’ll dive into real technical challenges, work with teammates who share a passion for security innovation, and help us push our capabilities forward.
NOTE: This role supports LRQA’s internal security team and is not part of the LRQA Nettitude Managed Services function.
What You’ll Do
1. Operate and optimise LRQA’s AI‑enhanced Microsoft Defender security tooling, using machine‑learning insights and automated threat detection to identify, investigate, and respond to incidents.
2. Apply offensive‑security thinking to analyse attacker TTPs and strengthen LRQA’s detection engineering.
3. Continually refine SOC processes, using automation to reduce noise and amplify analyst impact.
4. Act as a key point of contact during security incidents, helping shape remediation strategies.
5. Experiment with new technologies, leverage AI‑driven capabilities, and contribute to a culture of continual learning and innovation.
Essential Skills & Experience
6. Hands-on experience with the Microsoft Defender security stack—alert triage, incident investigation, vulnerability analysis, and tuning detections for the best signal-to-noise ratio.
7. Background in penetration testing or security operations, with strong knowledge of attack paths against Windows AD/AAD environments.
8. Strong documentation discipline, especially around procedures and technical processes.
9. Calm, structured approach under pressure—particularly during live security incidents.
10. A growth mindset, curiosity about AI/automation, and willingness to learn unfamiliar tools.
11. Passion for optimising existing security tooling rather than relying on unnecessary products.
12. Good understanding of attacker Tactics, Techniques, and Procedures (TTPs) and the ability to interpret threat intelligence.
13. Ability to work independently as well as collaboratively within a high‑trust, high‑autonomy team.
14. Creativity and commitment to reducing security risk—using both human intuition and automated intelligence.
Desirable Skills
15. Experience with Microsoft Sentinel, Zscaler, or other AI‑enabled cloud security technologies.
16. Additional Microsoft certifications: Microsoft SC‑ certified, SC‑, SC‑, SC‑.
17. Offensive security certifications such as OSCP, eCPPT, or hands‑on experience via HackTheBox, TryHackMe, etc.
18. Familiarity with modern tooling such as EDR, CSPM, PAM, NGFW, vulnerability management, and email security platforms.
Location
Hybrid role based in the UK, combining home working with office-based collaboration, workshops, and team sessions. Applicants must be UK residents.
Working Pattern
Shift-based work across early, mid, and late patterns ( hours per day) to provide extended working day coverage.
Pre-Employment Checks
If you are successful in securing a role with us, we will carry out pre-employment checks in accordance with what is allowed under local law.
These checks will include (as permitted): right to work, identification, verification of employment history, education, and criminal records.
We may involve a third-party supplier to run the background checks as needed, and your data will be retained for a period as needed for the purpose of employing you.
Your data will be stored in accordance with all relevant privacy legislation.
Please contact us if you have any questions or concerns.