KryptoKloud is seeking an experienced Cyber Security Analyst who'll be at the forefront of defending KryptoKloud and its clients against advanced cyber threats. You will lead the monitoring, investigation, and response to complex security incidents, while mentoring Security Operations Centre (SOC) Analysts and driving improvements in detection and response capabilities. Operating within the SOC and reporting to the Head of Security Operations, you will leverage a wide range of security tools, methodologies, and frameworks to protect client environments across multiple operating systems, networks, and applications.
Key Responsibilities
* Security Monitoring & Threat Hunting
* Monitor and analyse security alerts via EPP, EDR, XDR, SIEM platforms (Defender, WithSecure, Darktrace, CrowdStrike) using advanced queries (KQL, SPL)
* Conduct proactive threat hunting across endpoints, networks, and cloud environments to identify anomalous activity and indicators of compromise (IOCs).
* Analyse logs, network traffic, and endpoint telemetry to detect and validate malicious activity.
* Develop and refine threat hunting rules, pivoting from artifacts using OSINT.
* Security Operations
* Assess and prioritise critical patches, software updates, vulnerability management and configuration changes across diverse environments.
* Utilise network analysis tools to investigate anomalies and validate intrusion attempts.
* Develop, tune, and maintain SIEM correlation rules, detection logic, and alerting workflows to improve SOC efficiency.
* Automate repetitive SOC processes through scripting (PowerShell, Python, Bash).
* Desirable - Incident Response & Forensics
* Lead investigations into security incidents including malware outbreaks, insider threats, data breaches, and advanced persistent threats (APTs).
* Understanding of forensic analysis of compromised systems (Windows, Linux, macOS) using industry tools (Volatility, FTK, EnCase, Autopsy).
* Support the full incident response lifecycle.
* Collaborate with stakeholders to produce root cause analysis reports and remediation recommendations.
* Monitor customers supply chain for early warning metrics.
* Perform timely breach analysis and update security teams.
* Client Engagement & Reporting
* Act as a senior escalation point during client security incidents, providing expert level guidance and response recommendations.
* Lead weekly client calls and security reviews, delivering technical findings, intelligence briefings and metrics in both technical and business friendly formats.
* Assist client teams with deployment, troubleshooting, and optimisation of endpoint and security monitoring agents.
* Continuous Development & Leadership
* Stay current with emerging threats, threat groups (APTs), attack techniques, MITRE ATT&CK framework mappings, and security tool advancements.
* Mentor junior SOC Analysts, providing technical training and upskilling in detection and response.
* Contribute to the design and delivery of cybersecurity awareness training for both internal staff and clients.
* Qualifications & Technical Skills
* Education & Certifications
* Bachelor's degree in Cybersecurity, Computer Science, or related field (preferred, not essential).
* Certifications such as CompTIA Security+, Network+, CySA+.
* Other/Preferred: SC200, AZ500, CEH, GCIA, GCIH, GCFA, or OSCP
* Core Technical Expertise
* Strong hands-on experience with EDR, EPP, XDR, SIEM platforms.
* Solid understanding of Windows, Linux, and macOS operating systems, including event logs, file systems, and common attack vectors.
* Familiarity with network protocols (TCP/IP, DNS, HTTP, TLS/SSL) and packet analysis tools. (Wireshark, Suricata, tcpdump).
* Experience in digital forensics, memory analysis, and malware analysis techniques.
* Strong grounding in Incident Response Frameworks (NIST, SANS, MITRE ATT&CK).
* Other Skills
* Excellent written and verbal communication skills, with the ability to translate technical findings for non-technical audiences.
* Ability to lead investigations under pressure and make sound decisions during active incidents.
* Strong mentoring and leadership abilities within a SOC environment.
* Flexible to work 24/7 shifts as required.
Why Join KryptoKloud?
* Be a senior escalation point in a cutting-edge SOC, with multiple exposure points.
* Gain experience across multiple platforms and technologies.
* Influence detection strategies and incident response playbooks.
* Collaborate with a skilled SOC team, while developing leadership and mentoring skills.
* Continuous growth opportunities with support for professional certifications.
The above is not an exhaustive list of duties, and you will be expected to perform different tasks as necessitated by your changing role within the organisation and the overall business objectives of the organisation. As proud Armed Forces Covenant signatories and Employer Recognition Scheme Gold Award holders who support the Defence Community, all veterans will be guaranteed an initial interview.
Job Type: Full-time
Pay: £30,000.00-£40,000.00 per year
Benefits:
* Additional leave
* Company pension
* On-site parking
Work Location: In person