Cyber Security Analyst - Incident Response
London - Hybrid | Up to £75,000 + benefits
A global specialist insurer is expanding its internal cyber defence capability & is seeking an experienced analyst to strengthen its Security Operations Centre.
This role is focused on incident response first & foremost. It suits someone who has spent 3-5 years in a SOC environment & is now taking ownership of investigations, leading response activity, & managing incidents end-to-end. Threat intelligence exposure is welcome but not essential.
The role
1. Lead & coordinate responses to live security incidents including malware, phishing, credential compromise, & endpoint breaches
2. Perform root cause analysis, containment, & recovery actions across infrastructure & endpoints
3. Work closely with Wintel, network, & cloud teams during incident handling
4. Improve detection & response processes & contribute to playbook development
5. Document incident timelines & support post-incident review activity
6. Support broader SOC improvements, including tuning & use case refinement
7. No out-of-hours work - 24/7 alerting is handled by a managed service
Experience required
1. 3-5 years in a SOC environment, ideally progressing into incident response
2. Hands-on involvement in managing & responding to incidents in the last 12 months
3. Proven ability to take ownership of investigations & lead response actions
4. Experience with SIEM & EDR tooling (vendor agnostic)
5. Solid understanding of Windows, Linux, & network security fundamentals
6. Familiarity with common attack vectors & adversary techniques (MITRE ATT&CK, NIST)
7. Strong communication skills for collaborating with technical teams during incidents
Desirable
1. Exposure to SOAR or automation tooling
2. PowerShell or Python for scripting or investigation
3. GIAC or Microsoft security certifications
4. Experience with cloud security monitoring
This is an opportunity to join a respected security function within the London Market, working directly with senior specialists in an environment that prioritises clarity, collaboration, & high-quality incident response.
We are shortlisting immediately. Contact Brushoth at brushoth@pioneer-search.com or apply via the link.