Salary: £75,000 - 75,000 per year

Requirements:
We require at least 2 years of experience as a Cyber Security Operations Analyst.
We require experience working with Splunk and SIEM operations.
We require proven experience across the end-to-end incident response lifecycle.
We require experience in detection engineering and alert development.
We require strong scripting or programming skills, ideally in Python and Bash; experience with C/C++ or Java is also valuable.
We require solid cybersecurity fundamentals, including network security, cloud security, cryptography, and forensics.
We require understanding of common network protocols and attacker abuse patterns.
We require awareness of current APT groups and their tactics, techniques, and procedures.
We require knowledge of analysis techniques for Windows and/or Linux environments.
We require familiarity with threat intelligence frameworks and methodologies.
We require candidates to be eligible for un-caveated UK SC Clearance.
We require the ability to work in Glasgow on a hybrid basis and participate in on-call availability approximately one week per month.

Responsibilities:
We develop, maintain, and optimise detection content, primarily within Splunk SIEM, to identify threats across cloud, endpoint, and network environments.
We collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk.
We improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation.
We conduct security monitoring, alert triage, and continuous improvement of detection rules on a rotating schedule.
We lead and support incident response investigations, ensuring high-quality documentation and escalation.
We mentor and support junior analysts through guidance, coaching, and technical oversight.
We serve as a technical subject matter expert on client engagements and present findings and recommendations to senior stakeholders.
We participate in alert testing, readiness exercises, and incident response tabletop sessions.
We stay current on emerging threat intelligence, attacker techniques, and relevant research.
We provide on-call support for high-priority incident response when required.

Technologies: Bash, Cloud, Cryptography, Support, Java, Linux, Network, Python, Security, Splunk, Windows

More:
We are a high-performing Blue Team operating at the forefront of modern security operations, and we are seeking an accomplished Senior Cyber Operations Analyst to join us in Glasgow on a hybrid basis. This is a technical, hands-on role for a senior analyst with strong engineering instincts, coding capability, and deep experience in incident response and detection engineering. We offer a salary of up to £75,000 plus on-call compensation, and the role includes approximately one week per month of on-call availability, with frequency varying by client. We are looking for a curious, proactive professional who is ready to advance their career and make a strong impact within a technically driven security team.

Last updated: week 23 of 2026