Cyber Security Incidence Response & Threat intelligence Analyst

Cyber Security Analyst - Incident Response

London - Hybrid | Up to £65,000 + benefits

A global specialist insurer is building out its internal cyber defence capability and is seeking an experienced analyst to strengthen its Security Operations Centre.

You'll join a collaborative team focused on both proactive threat hunting and live incident response, protecting a complex international estate. This position suits someone who has started their career in a SOC environment and now works primarily in incident and threat response.

The role

• Lead investigations into live security incidents including malware, phishing, and endpoint compromise
• Perform root cause analysis, containment, and recovery actions
• Tune detection rules and develop new use cases to improve response times
• Utilise Microsoft Defender, Sentinel, and Azure Security tools to detect and respond to threats
• Conduct post-incident reviews and recommend long-term prevention strategies
• Collaborate with infrastructure and security teams to harden systems and processes

Experience required

• Minimum 2 years in a SOC environment followed by recent hands-on incident response experience
• Strong working knowledge of SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.)
• Solid understanding of Windows, Linux, and network security principles
• Experience with forensic or threat analysis techniques
• Familiarity with MITRE ATT&CK, NIST, or similar frameworks

Desirable

• Exposure to automation or SOAR tooling
• PowerShell or Python Scripting skills
• GIAC or Microsoft security certifications

This is an opportunity to join a highly respected security function within the London Market, working closely with senior engineers and threat specialists in an environment that prioritises both learning and impact.

We are looking to schedule interviews immediately so contact Brushoth: (see below) or apply following the link