Associate Security Analyst

Our client is seeking an experienced Associate Security Analyst to join their Cyber Defence team. This is a hands-on role where you will investigate and respond to cyber security incidents that could impact critical systems and services across the UK.

You will play a key part in identifying threats, supporting incident response, and helping to continually improve the organisation’s cyber defence capabilities. The role also involves mentoring apprentice analysts and joining an out-of-hours on-call rota to ensure 24/7 coverage of potential cyber incidents.

• Investigate and triage cyber security alerts and user reports.
• Analyse systems, files, network traffic, and cloud environments to determine the extent of incidents.
• Support technical responses to incidents, including containment, eradication, and recovery.
• Contribute to post-incident reviews and develop lessons learned.
• Create and improve incident response playbooks and knowledge base articles.
• Work closely with wider Cyber Defence functions to strengthen security operations.
• Act as an escalation point for apprentice security analysts, providing coaching, mentoring, and line management.

• 2-3 years’ experience investigating and responding to cyber incidents.
• Hands-on use of SIEM tools (Splunk preferred, Microsoft Sentinel or equivalent acceptable).
• Experience with EDR solutions to support incident investigation.
• Understanding of threat actor tools, techniques, and procedures (TTPs).
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.

Desirable skills:

• Advanced Splunk experience or certification.
• Experience in Agile environments.
• Familiarity with cloud environments such as AWS.

The interview will be conducted via Microsoft Teams and will consist of:

1. A short competency-based discussion.
2. A practical Splunk exercise to investigate a simulated cybersecurity scenario.
3. A short technical quiz covering general cybersecurity knowledge.