Associate Security Analyst

Location: London (Hybrid – 60% onsite per week)
Contract Type: 3 months (potential for extension)
Organisation: Our client, a leading UK Government Department
Clearance Required: Security Check (SC)
Start Date: ASAP

About the Role

Our client is seeking an experienced Associate Security Analyst to join their Cyber Defence team. This is a hands-on role where you will investigate and respond to cyber security incidents that could impact critical systems and services across the UK.

You will play a key part in identifying threats, supporting incident response, and helping to continually improve the organisation’s cyber defence capabilities. The role also involves mentoring apprentice analysts and joining an out-of-hours on-call rota to ensure 24/7 coverage of potential cyber incidents.

Key Responsibilities

  • Investigate and triage cyber security alerts and user reports.
  • Analyse systems, files, network traffic, and cloud environments to determine the extent of incidents.
  • Support technical responses to incidents, including containment, eradication, and recovery.
  • Contribute to post-incident reviews and develop lessons learned.
  • Create and improve incident response playbooks and knowledge base articles.
  • Work closely with wider Cyber Defence functions to strengthen security operations.
  • Act as an escalation point for apprentice security analysts, providing coaching, mentoring, and line management.

What We’re Looking For

  • 2–3 years’ experience investigating and responding to cyber incidents.
  • Hands-on use of SIEM tools (Splunk preferred, Microsoft Sentinel or equivalent acceptable).
  • Experience with EDR solutions to support incident investigation.
  • Understanding of threat actor tools, techniques, and procedures (TTPs).
  • Strong analytical and problem-solving skills.
  • Excellent written and verbal communication skills.

Desirable skills:

  • Advanced Splunk experience or certification.
  • Experience in Agile environments.
  • Familiarity with cloud environments such as AWS.

Interview Process

The interview will be conducted via Microsoft Teams and will consist of:

  1. A short competency-based discussion.
  2. A practical Splunk exercise to investigate a simulated cybersecurity scenario.
  3. A short technical quiz covering general cybersecurity knowledge.

Why Join?

This is a unique opportunity to contribute to protecting vital government services in a high-profile environment. You’ll be part of a collaborative Cyber Defence team, gain exposure to advanced security tooling, and play an important role in shaping and improving cyber incident response capabilities.

Company: GTC Recruitment
Location: London, United Kingdom
Hybrid / WFH Options
Employment Type: Contract