CrawlJobs Logo

Technical Business Analyst (Detection and Response)

United Kingdom, London 625.00 GBP / Day · Job Posted May 30, 2026
Apply Position
Job Link Share

Job Description

An Elite Investment Firm is looking for a talented Technical Business Analyst with experience in network detection and response as well as general cyber security. The team is made up of some of the smartest individuals around who have worked at some elite firms. This team have an unlimited tech budget and promote a great culture!

Job Responsibility

  • Working closely with Security and Network Engineers, other Business Analysts and stakeholders on a large-scale greenfield cyber security project
  • Being involved in re-architecting the whole detection and response ecosystem
  • A chance to truly be entrepreneurial

Requirements

  • Experience in the finance sector is essential
  • Knowledge of network detection and response is essential
  • Strong Cyber Security experience is essential

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Technical Business Analyst (Detection and Response)

8 matching positions

Associate Detection And Response (Mdr) Analyst

Rapid7’s Tactical Operations team is looking for an Associate Detection & Respon...
Location
Location
Czechia , Prague
Salary
Salary:
Not provided
rapid7.com Logo
Rapid7
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Adaptability to work a fixed shift rotation from Monday to Thursday, 11 AM - 9 PM, following a comprehensive 90-day onboarding period
  • Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments
  • Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control
  • Working familiarity with Windows and Linux operating systems and their underlying security architectures
  • Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges
  • Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft
  • Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics
  • Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents
  • Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers
  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success
Job Responsibility
Job Responsibility
  • Review alert data to identify malicious activity and potential security threats across diverse customer environments
  • Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis
  • Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers
  • Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer
  • Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team
  • Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements
  • Track threat actor actions across an environment by analyzing system and forensic logs during security incidents
  • Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule
  • Fulltime
Read More
Arrow Right
New

Expert Detection and Response Engineer

Role Overview Activision is seeking an Expert Detection and Response Engineer t...
Location
Location
United States of America , Irvine
Salary
Salary:
124000.00 - 229400.00 USD / Year
activision.com Logo
Activision
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in computer science, Information Security, or equivalent practical experience. 10+ years of progressively accountable security experience, with a demonstrated track record of independent, expert-level judgment in incident response.
  • Hands-on experience in threat detection, security operations, and incident response, with active involvement across the full incident lifecycle.
  • Strong understanding of the modern threat landscape, attacker tactics, techniques, and procedures.
  • Proven ability to detect, triage, investigate, and respond to security incidents in enterprise environments.
  • Experience performing detailed log analysis, correlation, and investigative triage.
  • Strong written and verbal communication skills, with the ability to clearly articulate incident findings and response actions.
  • Ability to work independently and collaboratively within the TDIR team and with technical and business stakeholders.
  • Willingness to participate in an on-call rotation and provide off-hours support for critical security incidents.
  • Hands-on experience with security monitoring platforms such as SIEM and EDR, including building or significantly extending detection content (not solely tuning existing rules).
  • Scripting or programming experience (e.g., Python, PowerShell, KQL) to support detection, investigation, or response automation.
Job Responsibility
Job Responsibility
  • Detect, investigate, and respond to security incidents across cloud, corporate, and production environments as a hands-on member of the TDIR team.
  • Monitor and analyze security telemetry and audit logs to identify anomalous activity, unauthorized access, and emerging threats, including targeted attacks and advanced adversaries.
  • Perform alert triage, in-depth investigation, and forensic analysis across the full incident lifecycle, from identification through containment, remediation, and post-incident review.
  • Execute endpoint, identity, cloud, and malware investigations, including timeline reconstruction, indicator extraction, and root cause analysis.
  • Develop, refine, and tune threat detections within the SIEM based on real-world attacker behavior and investigation findings.
  • Enhance investigation and response efficiency through automation, SOAR workflows, scripting, and advanced analytics.
  • Design, build, or operate AI/LLM-assisted triage and enrichment workflows (e.g., agentic pipelines integrated with case management platforms) to accelerate investigation and reduce analyst toil.
  • Evaluate and harden AI-assisted security tooling against adversarial input, including prompt injection and verdict-poisoning risks introduced via analyzed artifacts, applying schema-constrained or otherwise bounded output design rather than relying solely on input-side filtering.
  • Contribute to TDIR procedures, playbooks, runbooks, documentation, and operational metrics.
  • Collaborate closely with engineering teams, business stakeholders, and vendors during active investigations and response efforts.
What we offer
What we offer
  • Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance
  • 401(k) with Company match, tuition reimbursement, charitable donation matching
  • Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave
  • Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others
  • Relocation assistance may be available.
  • Fulltime
Read More
Arrow Right

Associate Detection & Response Analyst

Rapid7’s Tactical Operations team is looking for an Associate Detection & Respon...
Location
Location
Czechia , Prague
Salary
Salary:
Not provided
rapid7.com Logo
Rapid7
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments
  • Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control
  • Working familiarity with Windows and Linux operating systems and their underlying security architectures
  • Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges
  • Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft
  • Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics
  • Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents
  • Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers
  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success
Job Responsibility
Job Responsibility
  • Review alert data to identify malicious activity and potential security threats across diverse customer environments
  • Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis
  • Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers
  • Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer
  • Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team
  • Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements
  • Track threat actor actions across an environment by analyzing system and forensic logs during security incidents
  • Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule
  • Fulltime
Read More
Arrow Right

Cybersecurity Manager - Detection and Response

Microsoft Incident Response – the Detection and Response Team (DART) – part of t...
Location
Location
United Kingdom , Multiple Locations
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection and several years of experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field and several years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection OR equivalent experience
  • Many years of people management and/or informal/indirect team leadership experience
  • Strong analytic, qualitative, and quantitative reasoning skills
  • Track record of successfully managing a technical business group and maintaining consistent growth
  • Recognized as a strategic leader who can hire, retain and motivate diverse quality talent
  • Experience leading both a services organization and product development function
  • Develop business strategy and provide technical thought leadership
  • Manage customer engagements escalations to ensure customer satisfaction
Job Responsibility
Job Responsibility
  • People Management: Responsible for mentoring, managing and leading a team of cyber security analysts, engineers, developers, leads and incident managers
  • Managers deliver success through empowerment and accountability by modeling, coaching, and caring
  • Strategic Initiatives: Secure partner relationships and work closely with internal product and services groups as well as co-delivering with Microsoft’s Partner ecosystem
  • Develop and mentor individual contributors through open communication, training and development opportunities and performance management processes
  • Develop and maintain objectives, metrics and KPIs supporting the department’s strategic direction and continuously improve incident response technical capabilities
  • Communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily understood, authoritative, and actionable manner
  • Present to a wide range and size of audiences from IT Pro, to CxO, to business decision makers
  • Technical leadership and executive presence to establish Trusted Technical Advisor to influence senior decision makers to mature and promote customer’s security posture across the overall technology landscape
  • Drive investigative teams to exhaust all investigative leads in the expectation of discovering novel attacker techniques
  • Investigate and research these techniques, and partner with threat intelligence and security engineering to drive security tooling and product enhancements
  • Fulltime
Read More
Arrow Right

Senior Business Analyst, Data Analytics & CPM

Under limited supervision, specialized knowledge and skills obtained through tra...
Location
Location
United States , St Petersburg, Florida
Salary
Salary:
Not provided
raymondjames.com Logo
Raymond James
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • OneStream, Hyperion (HFM), or other CPM system experience strongly preferred
  • Strong knowledge of financial processes, including experience with financial reporting, financial close, consolidations, and FP&A
  • Bachelor’s degree with technical or business specifications and three (3) to five (5) years’ experience including any combination of the following: systems administration, technical customer support, application administration, software development, project management, technical consulting, software upgrade/implementation, technical analysis, general finance or accounting
  • Any equivalent combination of experience, education, and/or training approved by Human Resources
  • OneStream, Hyperion (HFM), or other CPM system certifications
  • Strong knowledge of financial processes, including experience with financial close, consolidations, financial reporting, and FP&A
  • Principles, practices, and procedures of internal systems and processes
  • Project Management processes and procedures
  • Business Process Improvement Processes and Procedures preferred
  • Skill in Operating standard office equipment and using required software applications to produce correspondence, reports, electronic communication, spreadsheets, and databases at an intermediate level
Job Responsibility
Job Responsibility
  • Provide guidance, drive business transformation and strategic change, and create value by driving initiatives that reinvent the core of the business
  • Partner across the enterprise to introduce, enable, and adopt transformation methodologies and concepts within the product model
  • Model effectively—with deep understanding—agile execution, change management, and transformation advocacy across the business
  • Specialize in scaling transformation efforts across the organization, often leading multiple initiatives
  • Help more traditional companies transform to be product- or customer-led
  • Provide administration and support for the accounting systems and applications
  • Participate in the development and delivery of training curriculum to educate users on system functionalities and best practices
  • Support projects and establishes requirements to meet the information and process needs of the organization related to the business area
  • Acts as liaison to the business areas and systems users
  • Supports project teams for special projects which may impact multiple business units and oversees with business process improvements, many of which will have significant financial impact on the entire company
What we offer
What we offer
  • medical, dental, and vision
  • life insurance
  • critical illness insurance and accident insurance
  • disability benefits
  • retirement savings
  • paid time off (including vacation, holidays, and sick leave)
  • and parental leave
  • Fulltime
Read More
Arrow Right

Sr. Cybersecurity Incident Response Analyst

Blue Yonder, a leading supply chain software company, is seeking a Sr Cybersecur...
Location
Location
Mexico , Monterrey; Mexico City
Salary
Salary:
Not provided
blueyonder.com Logo
Blue Yonder
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or related equivalent experience
  • 5+ years of experience in information security or cybersecurity as an analyst, engineer or consultant
  • MUST have experience with incident response methodologies and tools (e.g. SANS IR, EDR, SIEM, Threat Intelligence, etc.)
  • Strong technical skills and attention to detail
  • Excellent verbal and written communication skills
  • Ability to work independently and as part of a team
  • Ability to work under pressure and in a fast-paced environment
  • Strong problem-solving skills and a proactive approach to work
  • Knowledge of security frameworks such as NIST and ISO 27001
  • Familiarity with security regulations and standards (e.g. PCI DSS, HIPAA, etc.)
Job Responsibility
Job Responsibility
  • Monitor and Analyze Security Alerts – Review alerts generated by security systems, appliances, and logs to determine the appropriate course of action to protect the enterprise and reduce overall risk
  • Incident Triage and Response – Quickly assess, prioritize, and respond to security incidents, ensuring timely containment, eradication, and recovery to minimize business impact
  • Root Cause Analysis (RCA) – Investigate security incidents to determine root causes, attack vectors, and vulnerabilities, providing recommendations to reduce the attack surface and prevent recurrence
  • Threat Hunting and Proactive Defense – Conduct proactive threat-hunting activities based on intelligence, anomalies, and adversary tactics to identify and mitigate threats before they escalate
  • Collaboration with Cross-Functional Teams – Work closely with IT, engineering, legal, compliance, and other teams to coordinate incident response efforts and ensure an effective security posture
  • Incident Documentation and Reporting – Maintain detailed documentation of security incidents, response actions, and lessons learned, ensuring continuous improvement in security processes
  • Develop and Improve Incident Response Playbooks – Enhance and maintain incident response procedures, ensuring alignment with industry best practices and emerging threats
  • Security Awareness and Training – Provide guidance, training, and mentorship to SOC analysts and IT staff on security threats, incident handling, and response best practices
  • Threat Intelligence Integration – Leverage threat intelligence sources to stay informed on evolving cyber threats and proactively adjust security strategies to defend against them
  • Fulltime
Read More
Arrow Right

Director, Security Operations and Incident Response

At Comcast, we are committed to providing secure and reliable services for our c...
Location
Location
United States , Philadelphia
Salary
Salary:
Not provided
comcastcorporation.com Logo
Comcast
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of relevant cybersecurity experience, including leadership experience in cybersecurity operations, security incident response, threat hunting, threat detection, or enterprise SOC functions in a large, complex environment with at least 5 years of experience managing leaders of people
  • Demonstrated experience managing high-severity cybersecurity incidents, including executive communications, cross functional coordination, containment strategy, remediation oversight, and post-incident improvement
  • This role supports a 24x7 cybersecurity operation and requires availability outside of standard business hours, including nights, weekends, and holidays, during critical incidents and high-severity security events
  • Strong leadership experience building, managing, and scaling technical security teams, including managers, incident responders, SOC analysts, threat hunters, detection engineers, and specialized security professionals
  • Deep technical understanding of modern security operations, including SIEM, EDR, threat intelligence, malware analysis, digital forensics, cloud security, identity security, network security, automation, and detection engineering
  • Experience partnering with engineering teams to build, improve, and operationalize security tools, data platforms, dashboards, automations, telemetry pipelines, and analyst workflows
  • Proven ability to make high-impact decisions under pressure and lead teams through ambiguous, fast-moving security events
  • Experience developing incident response operating models, playbooks, escalation procedures, readiness exercises, metrics, and continuous improvement programs
  • Strong understanding of adversary tradecraft, threat hunting methodologies, detection lifecycle management, and frameworks such as MITRE ATT&CK
  • Strong executive communication skills, including the ability to brief senior leaders on risk, impact, operational status, capacity gaps, and recommended actions
Job Responsibility
Job Responsibility
  • Lead and scale Comcast’s SOC, Security Incident Response Team, threat hunting, and threat detection functions, ensuring the organization is trained, equipped, and structured to respond effectively to routine security events and major incidents
  • Build the operating model, staffing approach, escalation paths, runbooks, and surge capacity required to manage multiple concurrent major incidents
  • Serve as a senior incident commander for high-severity cybersecurity events, coordinating response across technical teams, business stakeholders, legal, privacy, communications, and executive leadership
  • Lead Comcast’s threat hunting function to proactively identify adversary behavior, emerging attack patterns, control gaps, and high-risk activity before it becomes a major incident. Including leading Purple Team activities
  • Own and mature the enterprise threat detection strategy, including detection coverage, alert fidelity, tuning, detection lifecycle management, and alignment to threat intelligence, adversary tradecraft, and business risk
  • Partner with security engineering, data engineering, platform engineering, and product teams to design and improve the tools, pipelines, dashboards, automations, and case management workflows used by cyber operations teams
  • Drive continuous improvement across SIEM use cases, endpoint detections, cloud detections, identity detections, network telemetry, enrichment pipelines, automation, and analyst workflows
  • Ensure lessons learned from incidents and hunts directly inform new detections, improved runbooks, stronger controls, and better response procedures
  • Develop and continuously improve incident response strategy, severity models, communications protocols, after-action reviews, and remediation tracking
  • Establish executive reporting on incident trends, SOC performance, detection quality, threat hunting outcomes, operational capacity, readiness gaps, and enterprise risk
What we offer
What we offer
  • Medical, prescription, vision, and dental insurance for eligible employees
  • 401(k) savings plan with dollar-for-dollar matching up to the first 6% of your pay
  • Paid time off including eight observed company holidays and flex time
  • Exclusive perks + discounts, including tuition assistance, commuter benefits and more
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Location
Location
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
Read More
Arrow Right