Cyber Security Analyst

Cyber Security Analyst - Incident Response
London - Hybrid | Up to £75,000 + benefits

A global specialist insurer is expanding its internal cyber defence capability and is seeking an experienced analyst to strengthen its Security Operations Centre.

This role is focused on incident response first and foremost. It suits someone who has spent 3-5 years in a SOC environment and is now taking ownership of investigations, leading response activity, and managing incidents end-to-end. Threat intelligence exposure is welcome but not essential.

The role

• Lead and coordinate responses to live security incidents including malware, phishing, credential compromise, and endpoint breaches
• Perform root cause analysis, containment, and recovery actions across infrastructure and endpoints
• Work closely with Wintel, network, and cloud teams during incident handling
• Improve detection and response processes and contribute to playbook development
• Document incident timelines and support post-incident review activity
• Support broader SOC improvements, including tuning and use case refinement
• No out-of-hours work - 24/7 alerting is handled by a managed service

Experience required

• 3-5 years in a SOC environment, ideally progressing into incident response
• Hands-on involvement in managing and responding to incidents in the last 12 months
• Proven ability to take ownership of investigations and lead response actions
• Experience with SIEM and EDR tooling (vendor agnostic)
• Solid understanding of Windows, Linux, and network security fundamentals
• Familiarity with common attack vectors and adversary techniques (MITRE ATT&CK, NIST)
• Strong communication skills for collaborating with technical teams during incidents

Desirable

• Exposure to SOAR or automation tooling
• PowerShell or Python for scripting or investigation
• GIAC or Microsoft security certifications
• Experience with cloud security monitoring

This is an opportunity to join a respected security function within the London Market, working directly with senior specialists in an environment that prioritises clarity, collaboration, and high-quality incident response.

We are shortlisting immediately. Contact Brushoth at [email protected] or apply via the link.