This job offer is no longer available. See below for similar jobs:

Cyber Threat Detection / SIEM Analyst - SANS/GIAC


Details:
Description:

Cyber Threat Detection / SIEM Analyst - SANS/GIAC

Cyber Threat Detection Analyst

Location: Wokingham, Berkshire (On-site)
Salary: Competitive (dependent on experience) + excellent benefits & training
Security Clearance: Ideally SC Cleared or eligible for SC

Role Overview

As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments.

This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified.

We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment.

This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering.

Skills & Experience We're Seeking

Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience.
Strong hands-on experience using SIEM platforms, including:
Microsoft Sentinel (KQL)
Splunk (SPL)
Elastic Security/Kibana (KQL, ESQL)
Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft
Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds
Solid experience across the security event life cycle, including detection, investigation, and incident management
Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black
Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies)
Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources
Strong analytical mindset with the ability to clearly communicate findings, impact, and riskKey Responsibilities

Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats
Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence
Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language
Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources
Lead investigations from initial detection through scoping, root cause analysis, and impact assessment
Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned
Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage
Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies
Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholdersSecurity Certifications (Highly Beneficial)

SANS/GIAC certifications, including but not limited to:
GCIH - Incident Handler
GCIA - Intrusion Analyst
GCED - Enterprise Defender
GCTI - Cyber Threat Intelligence
GMON - Continuous Monitoring
GDAT - Defending Advanced Threats
GCAT - Advanced Threat Intelligence
OSCP or equivalent offensive security qualifications
Crest certifications, such as:
Crest Practitioner Intrusion Analyst (CPIA)
Crest Registered Intrusion Analyst (CRIA)
Crest Certified Threat Intelligence Analyst (CCTIA)
Crest Certified Blue Team Professional (CCBTP)
Microsoft SC-200 or related detection and response certifications
Other recognised cyber security or threat intelligence credentials

Report this job

By sending this message I agree to GrindJob’s Terms and Conditions and Privacy Policy.

Enter your email to get a notification when similar jobs become available.

Create a job alert for cyber detection siem in Wokingham Berkshire ()

By continuing, you agree to GrindJob’s T&Cs and Privacy Policy.

When applying for a job, do not provide bank account details or any other financial information.
Never make any form of payment. GrindJob is not responsible for any external website content.

Your browser does not support Cookies or JavaScript or this option is turned off in your browser settings.

How to enable Cookies and JavaScript

Your browser is out of date!

Update your browser to view this website correctly. Update my browser now

×

Please wait...
There was an error loading the page. Would you like to reload the page?