CrawlJobs Logo

Lead Security Analyst

United Kingdom, Bristol Employment contract 65000.00 - 80000.00 GBP / Year · Job Posted July 14, 2026
Apply Position
Job Link Share

Job Description

Made Tech helps UK public sector organisations build and run better digital services. Our Cyber practice sits at the heart of that mission — working alongside government departments, agencies, and critical national infrastructure owners to improve how they detect, respond to, and learn from cyber threats. As a Lead Security Analyst, you'll be the most senior analyst on your engagement, setting the technical direction for the SOC and owning the quality of what the team produces — from detection engineering to threat-hunting to incident response. This isn't a role where you disappear into a ticket queue. You'll shape the threat-landscape narrative for your engagement, drive the detection backlog, and build the capability of the analysts around you. That means pairing on complex investigations, setting tradecraft standards, and making sure the team's detection content is version-controlled, peer-reviewed, and continuously improved — not left to age in a SIEM. You'll also be the trusted technical interface for client security stakeholders, translating what the SOC is seeing into the language that informs decisions. The UK public sector context matters here. You'll align your work to NCSC guidance, the Cyber Assessment Framework, and OFFICIAL handling requirements — not because compliance is the goal, but because those frameworks reflect the real risk environment your clients operate in. You'll engage with cross-government security communities, feed detection content and runbooks back into the Cyber practice, and help grow a bench of analysts who can operate at the same standard.

Job Responsibility

  • Set the detection engineering standard — author, tune, and peer-review detections in KQL, SPL, EQL, or Sigma
  • manage the false-positive backlog
  • map coverage to MITRE ATT&CK
  • and train L1/L2 analysts to write and tune detections themselves
  • Own the threat-landscape narrative for your engagement — turn intelligence from NCSC advisories, sector feeds, and threat actor reporting into hunt themes, coverage gap analysis, and detection priorities that the SOC and client stakeholders can act on
  • Run the intelligence cycle as a managed discipline — maintain a collection plan, produce timely and rigorous intelligence products, and build feedback loops that keep the cycle honest and improving
  • Establish and lead security incident response practice — build playbooks, define the severity model, run exercises, and lead the team's response to significant incidents
  • run blameless post-mortems that the team actually learns from
  • Design the log and telemetry pipeline that detections run on — including bespoke application telemetry in cloud environments, not just commodity endpoint feeds
  • ensure the right signals are collected, parsed, and retained for both detection and investigation
  • Be the trusted technical interface for client security stakeholders — communicate what the SOC is detecting, investigating, and covering without losing fidelity
  • surface risks early and honestly, and align the team's priorities to the client's risk picture
  • Grow the analysts around you — pair on detection authorship and incident response as a default, set pairing as the team norm, and actively build the capability of L1 and L2 analysts through structured mentoring and coaching so knowledge isn't concentrated in one person
  • Contribute to the Cyber practice beyond your engagement — feed detection content, runbooks, and lessons learned back into shared practice resources
  • contribute to analyst assessment and hiring
  • and engage with public-sector security communities including NCSC CISP and relevant ISACs

Requirements

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • CompTIA Advanced Security Practitioner (CASP+)
  • Experience leading detection engineering in a SOC or similar environment — including writing and tuning detections in KQL, SPL, EQL, or Sigma, and managing coverage against MITRE ATT&CK
  • Experience designing or improving a log and telemetry pipeline, including application-level telemetry from cloud-hosted services (AWS is a strong preference at this grade), with an understanding of how to design monitoring for failure modes and degraded states
  • Evidence of running the intelligence cycle as a managed discipline — collection planning, production, and feedback — rather than consuming finished intelligence
  • Working knowledge of UK government security standards and frameworks, including NCSC CAF Objective C, GovAssure, and OFFICIAL handling requirements
  • Experience establishing incident response practice — playbooks, severity models, and exercises — not just responding to individual incidents
  • Evidence of growing the technical capability of less experienced analysts through pairing, structured mentoring, or coaching, including setting clear goals and tracking progress over time
  • Experience anchoring delivery on client outcomes rather than task completion — challenging the brief where it serves the client and making value visible rather than reporting effort
  • Evidence of contributing reusable assets — detection playbooks, runbooks, templates, or accelerators — back into a practice or community, rather than leaving knowledge within a single team

Nice to have

  • Familiarity with SOAR tooling and automation of triage and enrichment workflows
  • Experience working in Kanban-led operating models, including managing triage queues, WIP limits, and class-of-service for incidents
  • Experience running or contributing to skills-based technical assessments that evaluate demonstrated capability rather than credentials or years of experience

What we offer

  • 30 days Holiday
  • Flexible Working Hours
  • Flexible Parental Leave
  • Remote Working
  • Paid counselling
  • Smart Tech scheme
  • Cycle to work scheme
  • individual benefits allowance which you can invest in a Health care cash plan or Pension plan
  • optional social and wellbeing calendar of events

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Lead Security Analyst

8 matching positions

Cyber Security Lead-Cyber Security Analyst

Role Overview L3 Cybersecurity Operations Coordinator acting as a CSIRT/SOC rel...
Location
Location
India , Noida
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Engineering graduate - preferably B.E. /B tech in I.T or Computer Engineering
  • SC-200: Microsoft Security Operations Analyst
  • BLT1: Blue Team Level 1
  • GCIH or GCFE/GCFA (or equivalent to IR credential)
  • Total Experience Expected: 08-10 years
  • SOC / CDOC Operations
  • CSIRT Coordination
  • Incident Response (L3 / Advanced)
  • Cyber Incident Management & Escalation
  • Threat Mitigation & Remediation
Job Responsibility
Job Responsibility
  • Act as primary cybersecurity contact for local sites
  • Coordinate with global SOC/CDOC teams for operational alignment
  • Ensure proximity-based support for critical assets and business priorities
  • Handle L3 incident escalation and complex case coordination
  • Lead incident triage, mitigation tracking, and remediation follow-up
  • Support end-to-end incident lifecycle (detection → containment → recovery)
  • Manage critical and non-standard cybersecurity incidents
  • Lead containment, threat eradication, and system restoration
  • Validate secure remediation and recovery actions
  • Support CSIRT-led crisis management during major cyber incidents
  • Fulltime
Read More
Arrow Right

Information Security Lead Analyst

Location
Location
Hungary , Budapest
Salary
Salary:
17157800.00 - 28767800.00 HUF / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of relevant experience
  • Additional technical certifications are preferred
  • Demonstrated ability to research and apply current information regarding the IS field
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor's degree/University degree or equivalent experience
  • Master's degree preferred
Job Responsibility
Job Responsibility
  • Develop corrective action language for Information Security (IS) gaps and ensure risk closure meets Citi requirements or industry best practices
  • Facilitate the implementation of approved IS tools and identify/recommend new or improved security solutions or emerging technologies
  • Mitigate risk by analyzing the root cause of issues, impacts to business, and required corrective actions and develop security solutions
  • Ensure IS compliance and seek opportunities to enhance the efficiency of IS policies and procedures
  • Identify significant IS threats and vulnerabilities, and define appropriate controls for discovered threats, documenting the business response
  • Disseminate changes to IS regulations and standards to Business and Program owners
  • Provide Information Security advice and counsel as needed
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Lead Info Security Analyst

We are looking for a Lead Info Security Analyst to support a dynamic financial s...
Location
Location
United States , Appleton
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Security, Computer Science, Risk Management, or a closely related discipline
  • Demonstrated experience in IT audit, information security governance, control assessment, or a comparable security oversight function
  • Strong knowledge of IT general controls and application controls, including access administration, change management, data integrity, and system operations
  • Hands-on experience performing control testing against recognized frameworks such as NIST, COBIT, ISO 27001, or similar standards
  • Ability to identify control weaknesses, document findings clearly, and work with stakeholders to drive corrective action
  • Excellent written and verbal communication skills with the ability to present complex information to senior leadership and executive audiences
  • Background in audit support, regulatory response, or compliance activities within banking or financial services environments is highly valued
Job Responsibility
Job Responsibility
  • Evaluate information security and IT controls to confirm they are appropriately designed, implemented, and functioning as intended
  • Conduct detailed control testing, document procedures and outcomes, and follow through on remediation items to improve the overall risk posture
  • Prepare responses and supporting evidence for internal audits and regulatory reviews by coordinating with stakeholders across the organization
  • Develop clear narratives and reporting materials that explain security processes, control performance, and compliance status for technical and executive audiences
  • Partner with business and technology teams to gather, validate, and organize documentation needed for assessments, examinations, and ongoing governance activities
  • Monitor control gaps and recommend practical enhancements related to access management, change control, data integrity, and operational processes
  • Create and maintain security metrics, including key risk indicators and performance measures, to provide leadership with meaningful visibility into control effectiveness
  • Lead policy and standards review cycles by working with stakeholders to update documentation, align requirements, and support approval processes
  • Use governance and workflow tools, such as ServiceNow or similar platforms, to manage control inventories, testing activity, and reporting deliverables
Read More
Arrow Right

Lead Info Security Analyst

We are looking for a Lead Info Security Analyst to support a dynamic financial s...
Location
Location
United States , Appleton
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, Risk Management, or a closely related discipline
  • Demonstrated experience in IT audit, information security governance, control assessment, or a comparable security oversight function
  • Strong knowledge of IT general controls and application controls, including access administration, change management, data integrity, and system operations
  • Hands-on experience performing control testing against recognized frameworks such as NIST, COBIT, ISO 27001, or similar standards
  • Ability to identify control weaknesses, document findings clearly, and work with stakeholders to drive corrective action
  • Excellent written and verbal communication skills with the ability to present complex information to senior leadership and executive audiences
  • Background in audit support, regulatory response, or compliance activities within banking or financial services environments is highly valued
Job Responsibility
Job Responsibility
  • Evaluate information security and IT controls to confirm they are appropriately designed, implemented, and functioning as intended
  • Conduct detailed control testing, document procedures and outcomes, and follow through on remediation items to improve the overall risk posture
  • Prepare responses and supporting evidence for internal audits and regulatory reviews by coordinating with stakeholders across the organization
  • Develop clear narratives and reporting materials that explain security processes, control performance, and compliance status for technical and executive audiences
  • Partner with business and technology teams to gather, validate, and organize documentation needed for assessments, examinations, and ongoing governance activities
  • Monitor control gaps and recommend practical enhancements related to access management, change control, data integrity, and operational processes
  • Create and maintain security metrics, including key risk indicators and performance measures, to provide leadership with meaningful visibility into control effectiveness
  • Lead policy and standards review cycles by working with stakeholders to update documentation, align requirements, and support approval processes
  • Use governance and workflow tools, such as ServiceNow or similar platforms, to manage control inventories, testing activity, and reporting deliverables
What we offer
What we offer
  • Medical, vision, dental, and life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Lead Info Security Analyst

We are looking for a Lead Info Security Analyst to support a dynamic financial s...
Location
Location
United States , Appleton
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, Risk Management, or a closely related discipline
  • Demonstrated experience in IT audit, information security governance, control assessment, or a comparable security oversight function
  • Strong knowledge of IT general controls and application controls, including access administration, change management, data integrity, and system operations
  • Hands-on experience performing control testing against recognized frameworks such as NIST, COBIT, ISO 27001, or similar standards
  • Ability to identify control weaknesses, document findings clearly, and work with stakeholders to drive corrective action
  • Excellent written and verbal communication skills with the ability to present complex information to senior leadership and executive audiences
  • Background in audit support, regulatory response, or compliance activities within banking or financial services environments is highly valued
Job Responsibility
Job Responsibility
  • Evaluate information security and IT controls to confirm they are appropriately designed, implemented, and functioning as intended
  • Conduct detailed control testing, document procedures and outcomes, and follow through on remediation items to improve the overall risk posture
  • Prepare responses and supporting evidence for internal audits and regulatory reviews by coordinating with stakeholders across the organization
  • Develop clear narratives and reporting materials that explain security processes, control performance, and compliance status for technical and executive audiences
  • Partner with business and technology teams to gather, validate, and organize documentation needed for assessments, examinations, and ongoing governance activities
  • Monitor control gaps and recommend practical enhancements related to access management, change control, data integrity, and operational processes
  • Create and maintain security metrics, including key risk indicators and performance measures, to provide leadership with meaningful visibility into control effectiveness
  • Lead policy and standards review cycles by working with stakeholders to update documentation, align requirements, and support approval processes
  • Use governance and workflow tools, such as ServiceNow or similar platforms, to manage control inventories, testing activity, and reporting deliverables
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Information Security Professional Lead Analyst - Vice President

The Information Security Professional Lead Analyst is an intermediate level posi...
Location
Location
Philippines , City of Taguig, Metro Manila
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-10 years of relevant experience including 5 years in information security
  • Additional technical certifications are preferred. CISA CISSP industry recognized certification
  • Knowledge Artificial intelligence risk management preferred
  • Demonstrated ability to research and apply current information regarding the IS field
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Master’s degree preferred
Job Responsibility
Job Responsibility
  • Develop corrective action language for Information Security (IS) gaps and ensure risk closure meets Citi requirements or industry best practices
  • Facilitate the implementation of approved IS tools and identify/recommend new or improved security solutions or emerging technologies
  • Mitigate risk by analyzing the root cause of issues, impacts to business, and required corrective actions and develop security solutions
  • Ensure IS compliance and seek opportunities to enhance the efficiency of IS policies and procedures
  • Identify significant IS threats and vulnerabilities, and define appropriate controls for discovered threats, documenting the business response
  • Disseminate changes to IS regulations and standards to Business and Program owners
  • Provide Information Security advice and counsel as needed
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Fulltime
Read More
Arrow Right

Lead Cyber Security Analyst

Lead Cyber Security Analyst | Asset Manager | £140k + Bonus. You will take end-t...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
weareorbis.com Logo
Orbis Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience as a Cyber Lead in a small-to-mid sized organisation or Senior/Lead engineer from a cyber security vendor or MSP
  • Azure cloud experience is essential
  • Familiarity with Zero Trust networking concepts (Azure-based)
  • Broad knowledge of modern InfoSec tooling and practices
  • Exposure to AI and its impact on cyber security is a strong plus
Job Responsibility
Job Responsibility
  • Owning and evolving security policies, standards and procedures
  • Managing and challenging third party security vendors and MSPs
  • Leading audit and assurance activities
  • Oversight of DLP, penetration testing, vulnerability management, and incident response
  • Advising the business on emerging risks, including AI-driven security threats
What we offer
What we offer
  • Bonus
  • Fulltime
Read More
Arrow Right

Lead Cyber Security Analyst

FinXL is seeking an experienced Lead Cyber Security Analyst to play a key role i...
Location
Location
Australia , Canberra
Salary
Salary:
Not provided
finxl.com.au Logo
FinXL
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must be Australian Citizen with minimum of NV1 Clearance
  • Experience as a Cyber Security Analyst
  • Proven track record in designing, implementing, and testing use cases for malicious activity detection
  • Hands-on experience in Incident Response and handling security events
  • Strong communication skills with the ability to maintain technical documentation
  • Familiarity with leveraging threat intelligence feeds
Job Responsibility
Job Responsibility
  • Assist with onboarding new systems and creating detection logic
  • Lead remediation efforts and undertake proactive threat hunt activities
  • Develop automated playbooks and collaborate with Threat Intelligence teams to evolve our countermeasures
  • Maintain and enhance the health of our core Cyber Security systems
Read More
Arrow Right