Senior Security Operations Analyst

• Design, develop and implement custom detection rules, alerts and dashboards within our SIEM platform to identify emerging threats across both end-user and production environments
• Continuously tune and optimize existing rules to improve detection accuracy and reduce false positives
• Proactively hunt for threats within our environment by analyzing logs and security data from various sources
• Conduct thorough investigations of security alerts generated by endpoint detection & response systems, SIEM and cloud platforms
• Manage the full lifecycle of security events from initial detection and triage to containment, eradication and post-incident analysis
• Clearly document and report on lessons learned from security events and incidents, design and implement recommendations for improving our security posture
• Monitor, maintain and enhance our security tooling, ensuring optimal performance and coverage
• Collaborate with Technology teams to integrate security monitoring and alerting into the CI/CD pipeline
• Contribute to the development and improvement of security operations procedures and playbooks
• Innovate, experiment, enhance Security Operations by making use of cloud-native tools, AI and automation to help to build a best of breed SOC
• Evaluate and recommend new security technologies and tools to address both known and unknown gaps in our defenses

• Strong hands-on experience with SIEM platforms, including the creation and tuning of complex detection rules
• Demonstrable experience with Endpoint Detection and Response (EDR) tools
• Solid understanding of cloud security principles, CI/CD processes and DevSecOps environments
• In-depth knowledge of incident response methodologies and best practices
• A proactive mindset with the ability to take ownership of tasks and projects and drive them to completion
• Excellent analytical and problem-solving skills, with a keen eye for detail
• Scripting or programming skills (e.g., Python, PowerShell) for automation and analysis
• Empathetic, thoughtful and business-focused approach to understand how Security controls impact other business functions and customers

An understanding of regulatory compliance frameworks such as PCI DSS, DORA, SOC2, GDPR is a bonus

• Hybrid working with a 3 days / week on site expectation
• 28-day holiday allowance
• Work from abroad policy, enabling employees to work remotely for up to another 30 days per year
• GBP 1,000 annual budget for professional growth
• Leadership cafés, on-the-job training
• Medical insurance (BUPA health care plan)
• 5% matching pension plan through Now Pensions
• Enhanced family leave
• Workplace Nursery Scheme
• Gym membership contribution
• Mental Health Platform with therapy and meditations
• Pet-friendly office