Base pay range
Information Security Analyst (Incident Response & Monitoring) – Up to £75,000 – London (Hybrid)
We are seeking an experienced Information Security Analyst (AVP-level) to join a growing Cyber Security team in London. This is a hands-on technical role within the Security Operations and Incident Response function, responsible for threat detection, incident handling, and improving the effectiveness of the security monitoring landscape.
This role is based in London and offers hybrid working, flexible hours, and a supportive working environment.
Key Responsibilities
Incident Response & Security Operations
* Detect, analyse, and investigate security incidents across infrastructure and application layers.
* Coordinate incident response, containment, and remediation efforts across business and technical teams.
* Develop threat detection use-cases and optimise alerting within SIEM and IR tooling.
* Perform deep-dive forensic analysis of network traffic, logs, and endpoint telemetry.
* Enhance the security incident lifecycle through established frameworks (MITRE ATT&CK, Kill Chain, Diamond Model).
Threat Detection & Security Monitoring
* Improve monitoring coverage across systems through custom detections, threat intelligence feeds, and IOC integration.
* Lead the development of threat hunting and behavioural analytics capabilities.
* Review and improve control effectiveness across the security tech stack (SIEM, EDR, DLP, IDS/IPS, etc.).
* Contribute to internal vulnerability management processes and security hardening efforts.
Security Governance & Stakeholder Engagement
* Support penetration testing coordination and risk remediation with application and infrastructure teams.
* Contribute to the implementation and refinement of standard operating procedures for incident handling.
* Assist in security risk assessments, reporting, and internal security awareness initiatives.
* Experience in incident response, threat hunting, and forensic analysis.
* Strong understanding of SIEM platforms (e.g. Splunk, QRadar, etc.) and detection engineering.
* Familiarity with security frameworks such as MITRE ATT&CK, NIST, and cyber kill chain methodologies.
* Ability to analyse network traffic (Wireshark or equivalent), logs, and host-based artifacts.
* Strong working knowledge of operating systems (Windows, Linux), and enterprise infrastructure (networking, cloud, VPN, etc.).
* Knowledge of vulnerability management processes and secure configuration benchmarking (e.g., CIS).
* Hands-on experience with security monitoring tools, packet inspection, and advanced threat detection.
Desirable Certifications
* GIAC certifications such as GCIH, GCIA, GCFA (or equivalent).
Additional Information
* Salary: Up to £75,000 (depending on experience)
* Location: London-based with hybrid working
* Hours: Standard business hours with flexibility (occasional coverage between 7am–7pm as needed)
#J-18808-Ljbffr