Senior Security Analyst
Senior Security Analyst/Security Engineer London (City) | £80,000-£90,000 | Permanent
If you're the kind of security engineer who can spot an active threat, contain it calmly, and then harden the environment so it doesn't happen again - this role is built for you.
We're hiring a hands-on Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening, and is ideal for someone with 4-5 years' experience who wants real technical ownership and variety across the full defensive life cycle.
What You'll Be Doing
- Lead investigations, triage and containment using SIEM/EDR (Microsoft Sentinel preferred)
- Harden IAM, PIM/PAM, Windows/Linux, endpoint baselines and identity services
- Strengthen M365 security: Defender for Endpoint/O365/Identity, Conditional Access, Identity Protection
- Improve detection rules, analytics, baselines and security automation
- Run vulnerability scanning using tools like Tenable, Pentera, Varonis, Secure Score
- Support compliance work (ISO 27001, Cyber Essentials, NIST, SOC2)
- Contribute to threat hunting, threat intelligence application and proactive monitoring
- Support operational resilience: scenario testing, DR exercises, post-incident reviews
- Assist with security tooling assessments (including AD hardening tools)
Security Engineering & Hardening
- IAM, PIM/PAM, identity life cycle, access hardening
- OS security hardening (Windows + Linux)
- Network security concepts (Firewalls, IDS/IPS)
- Hands-on IR: triage, investigation, containment, recovery
- Experience with SIEM (Sentinel strongly preferred)
- Experience with EDR/XDR tools: Defender/CrowdStrike/SentinelOne
- Log analysis, packet captures, forensic investigation fundamentals
- Defender suite: Endpoint, O365, Identity
- Azure AD/Entra ID security
- Conditional Access, M365 identity protection signals
- M365 Secure Score remediation
- Tools such as Tenable, Pentera, Varonis, Secure Score
- Experience coordinating remediation with technical teams
- MITRE ATT&CK, OWASP Top 10
- Exposure to zero-trust principles
- Understanding of encryption, certificate management, secrets management
- PowerShell (essential)
- Python or Bash desirable
- Security automation experience (policy enforcement, scanning, rule tuning)
- 4-5 years in SecEng/SOC/IR roles
- Experience in regulated environments beneficial but not essential
- Terraform/Ansible (desirable, not required)
- Cloud security exposure (Azure, AWS, GCP)
- Threat Intel platform experience
- Experience tuning SIEM/SOAR playbooks
- CI/CD pipeline security (GitHub Actions, Jenkins, GitLab)
- Digital forensics knowledge
- Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CISM, OSCP, CCSP