Security Analyst

Security Analyst

  • Reports to: Head of Information Security
  • Location: Hybrid/London - 3 days per week in the office (usual working hours)
  • £50,000 to £60,000 base salary available

The Position

Reporting to the Head of Information Security, you will work alongside experienced engineers and have a clear path to develop your skills in detection engineering, threat analysis, and security automation. Our clients security team operates as enablers, not blockers—your job is to keep the business safe without slowing it down.

Incident Response and Detection

  • Own the day-to-day triage and investigation of security alerts across our SIEM, EDR, and cloud monitoring tooling.
  • Drive incident response activities for severity events, including containment, evidence collection, root cause analysis, and post-incident documentation.
  • Participate in an on-call rotation, providing timely responses and escalations for security incidents outside of business hours.
  • Escalate high-severity or complex incidents to senior team members, providing clear and complete handover documentation.
  • Maintain and improve incident response runbooks, playbooks, and internal knowledge bases.

Monitoring and Threat Analysis

  • Monitor security tooling (SIEM, WAF, EDR, IAM) for suspicious activity and anomalous behavior.
  • Contribute to the tuning of detection rules and alert thresholds to reduce noise and improve signal quality.
  • Proactively analyze threat intelligence and translate findings into actionable detection improvements.

AI-Powered Security Operations

  • Use AI and LLM tools daily to accelerate alert triage, generate incident summaries, and draft communications for stakeholders.
  • Contribute to automation workflows that reduce manual toil in detection and response pipelines.
  • Experiment with AI-assisted approaches to threat hunting, log analysis, and runbook generation.

Compliance and Governance Support

  • Support evidence collection and control testing for compliance frameworks including ISO 27001, SOC 2, and NIST CSF.
  • Assist with vulnerability management activities, including tracking remediation progress and communicating status to stakeholders.
  • Help educate the wider team on security best practices through documentation and awareness activities.

Requirements

  • 1–3 years of experience in a security operations, IT security, or related technical role (including internships, apprenticeships, or equivalent hands-on exposure).
  • Practical experience with SIEM or EDR tooling, whether professionally, in a lab, or through CTF/home lab environments.
  • Solid understanding of core security concepts, including attack frameworks (MITRE ATT&CK), the incident response lifecycle, and common vulnerability classes.
  • Comfortable working in cloud environments, particularly AWS, with an understanding of IAM, logging, and basic cloud-native threat vectors.
  • An AI-native working style; you actively use LLMs and AI assistants as productivity tools and are eager to apply them in security contexts.
  • Clear written and verbal communication in English, with the ability to document incidents accurately and concisely for technical and non-technical audiences.

Good to Have

  • Exposure to scripting (Python, Bash, or PowerShell) for automating repetitive tasks or parsing log data.
  • Familiarity with compliance frameworks such as ISO 27001 or SOC 2.
  • Hands-on experience building simple automation or integrations between security tools.
Apply Now
Apply Now

Job Details

Company
Intaso
Location
London Area, United Kingdom
Hybrid / Remote Options
Posted