Senior Security Analyst

Description:

The Senior Security Analyst is a hands-on security operations role providing 24/7 operational coverage within a regulated financial services environment. You will own security incidents end-to-end, from detection through to investigation, response, and remediation coordination.

Operating within a small, senior team, you will also deliver proactive security activities including threat hunting, vulnerability management, and tooling validation—ensuring continuous improvement of the client’s security posture.

This role operates on a 24/7 shift pattern (12-hour shifts, 4-on / 4-off including nights and weekends).

Key Responsibilities

* Monitor and investigate alerts across Microsoft Defender, SIEM, and security tooling

* Own security incidents end-to-end, including investigation, containment, and resolution

* Perform deep-dive investigations using KQL and multi-source telemetry

* Correlate data across endpoint, identity, cloud, and network environments

* Determine threat severity and risk aligned to client and regulatory context

* Coordinate response actions with IT, cloud, and platform teams

* Escalate complex incidents to security engineering or leadership where required

* Conduct vulnerability scanning and review findings (e.g. Qualys)

* Run breach and attack simulations and exposure validation (e.g. XM Cyber, AttackIQ)

* Perform web application scanning and triage vulnerabilities

* Execute proactive threat hunting aligned to MITRE ATT&CK

* Optimise detection rules and reduce false positives

* Validate and maintain security tooling effectiveness

* Drive remediation actions through to completion across multiple teams

* Produce clear documentation, incident reports, and audit-ready records

Experience & Knowledge

Essential:

* Strong experience in security operations (incident detection, investigation, response)

* Experience working with Microsoft Defender XDR and security tooling

* Experience with SIEM platforms (ideally Microsoft Sentinel, KQL querying)

* Strong understanding of threat detection, incident response, and root cause analysis

* Experience in regulated environments (e.g. financial services)

* Knowledge of networking, operating systems (Windows/Linux), and security fundamentals

* Strong analytical and problem-solving skills with ability to work independently

* Experience collaborating with cross-functional technical teams

Desirable:

* Experience with vulnerability management tools (e.g. Qualys)

* Experience with attack simulation and exposure tools (AttackIQ, XM Cyber)

* Knowledge of threat intelligence and malware analysis

* Awareness of security frameworks (MITRE ATT&CK, NIST, ISO 27001)

* Basic scripting knowledge (PowerShell, Python, Bash)