* Monitor security event identification via the third-party security operations service.* Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.* Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.* Contribute to threat hunting activities using KQL queries and intelligence-led techniques.* Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.* Facilitate security testing and awareness through threat simulations.* Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).* Conduct data discovery and collection across systems, ensuring completeness and accuracy.* Support DPIA processes through data mapping, evidence gathering, and risk assessment input.* Help maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows.* Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps).* Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews.* Support vulnerability management by tracking remediation, validating fixes, and assisting with reporting.* Gather and analyse data to help identify trends, gaps, and areas for control improvement.* Assist with periodic control reviews, audits, and compliance checks as required.* Prepare operational reports, dashboards, and metrics for the Team Lead and wider stakeholders.* Develop and maintain playbooks, runbooks, and procedural documentation.* Contribute to continuous improvement activities, including identifying opportunities to streamline operations.* Ensure all actions adhere to internal policies, regulatory requirements, and industry best practice.* 3+ years’ experience working in a security operations, IT security, privacy operations, or related technical role.* Familiarity with: + Microsoft Defender XDR + Microsoft Sentinel (SIEM/SOAR) + Privacy Management Solutions (e.g. Purview, OneTrust)* Basic understanding of key cybersecurity and privacy concepts, such as: + Threat detection and analysis + Incident response lifecycle + Vulnerability and exposure management + Data privacy principles and data subject rights* Experience analysing logs, alerts, or data from security tools* Strong documentation, investigation, and analytical skills.* Hands‐on experience writing KQL queries, PowerShell, or CLI commands.* Exposure to automation or playbooks (Logic Apps, Defender workflows).* Knowledge of frameworks such as MITRE ATT&CK or NIST CSF.* Relevant certifications such as: + SC‐900, SC‐200 (or working toward), AZ‐900, AZ‐500 + CISSP, CIPP/E, CompTIA Security+ + Foundation‐level data privacy certifications (e.g., BCS Certificate in Data Protection)* Strong problem‐solving ability and attention to detail.* Curious and proactive mindset with willingness to learn.* Effective communicator able to document findings clearly and concisely.* Highly organised and able to manage multiple tasks with competing priorities.* Collaborative team player with a commitment to continuous improvement.* Monitor security event identification via the third-party security operations service.* Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.* Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.* Contribute to threat hunting activities using KQL queries and intelligence-led techniques.* Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.* Facilitate security testing and awareness through threat simulations.* Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).* Conduct data discovery and collection across systems, ensuring completeness and accuracy.* Support DPIA processes through data mapping, evidence gathering, and risk assessment input.* Help maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows.* Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps).* Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews.* Support vulnerability management by tracking remediation, validating fixes, and assisting with reporting.* Gather and analyse data to help identify trends, gaps, and areas for control improvement.* Assist with periodic control reviews, audits, and compliance checks as required.* Prepare operational reports, dashboards, and metrics for the Team Lead and wider stakeholders.* Develop and maintain playbooks, runbooks, and procedural documentation.* Contribute to continuous improvement activities, including identifying opportunities to streamline operations.* Ensure all actions adhere to internal policies, regulatory requirements, and industry best practice.* 3+ years’ experience working in a security operations, IT security, privacy operations, or related technical role.* Familiarity with: + Microsoft Defender XDR + Microsoft Sentinel (SIEM/SOAR) + Privacy Management Solutions (e.g. Purview, OneTrust)* Basic understanding of key cybersecurity and privacy concepts, such as: + Threat detection and analysis + Incident response lifecycle + Vulnerability and exposure management + Data privacy principles and data subject rights* Experience analysing logs, alerts, or data from security tools.* Strong documentation, investigation, and analytical skills.* Hands‐on experience writing KQL queries, PowerShell, or CLI commands.* Exposure to automation or playbooks (Logic Apps, Defender workflows).* Knowledge of frameworks such as MITRE ATT&CK or NIST CSF.* Relevant certifications such as: + SC‐900, SC‐200 (or working toward), AZ‐900, AZ‐500 + CISSP, CIPP/E, CompTIA Security+ + Foundation‐level data privacy certifications (e.g., BCS Certificate in Data Protection)* Strong problem‐solving ability and attention to detail.* Curious and proactive mindset with willingness to learn.* Effective communicator able to document findings clearly and concisely.* Highly organised and able to manage multiple tasks with competing priorities.* Collaborative team player with a commitment to continuous improvement.* Ability to work with sensitive data responsibly and confidentially.
#J-18808-Ljbffr