Senior Cyber Security Analyst

Senior Cyber Security Analyst

Central London (1 day per week onsite)
up to 85,000 + benefits

This is a highly visible opportunity to join a growing global Cyber Defence function at an exciting stage of transformation and centralisation. Cyber security remains a core strategic priority for the organisation as it continues to modernise operations and strengthen resilience across a complex international environment.

The successful individual will play a critical role in strengthening operational security capabilities while helping shape the future direction of the team as the wider security function evolves.

This role offers genuine ownership, senior stakeholder exposure and strong progression potential into future lead or management responsibilities over time.

We are seeking an experienced Senior Cyber Security Analyst to join a global Cyber Defence function. This is not a traditional SOC analyst position focused purely on alert investigation. Instead, this role requires an individual capable of leading cyber incidents operationally, technically and commercially from end-to-end.

You will act as a senior technical subject matter expert across incident response, detection engineering, cloud security and vulnerability management, while also providing calm, structured leadership during high‑pressure situations.

The environment is heavily Microsoft‑focused, with particular emphasis on:

• Microsoft Sentinel
• Microsoft Defender XDR
• Azure security and secure‑by‑design principles

We will work closely with global technology and cyber teams to continuously improve monitoring, detection, response and remediation capabilities across hybrid cloud and on‑premise environments.

• Lead the end‑to‑end management of cyber security incidents across global environments.
• Take ownership of incident triage, severity assessment and response coordination across P1‑P4 incidents.
• Lead incident bridge calls and coordinate technical and business stakeholders throughout the incident lifecycle.
• Assess technical, operational and commercial impact to support effective decision‑making under pressure.
• Provide clear, calm and structured communications to both technical teams and senior leadership.
• Drive containment, eradication, recovery and post‑incident improvement activities.
• Conduct root cause analysis and ensure lessons learned are embedded into operational processes and controls.
• Develop and maintain incident response procedures, playbooks and documentation aligned to industry best practice.

• Configure, optimise and continuously improve Microsoft Sentinel and Microsoft Defender technologies.
• Develop and tune detection logic using KQL to identify emerging threats and attacker behaviours.
• Build and maintain automated SOAR workflows using Logic Apps and related technologies.
• Integrate Microsoft security tooling with third‑party technologies and service providers.
• Identify monitoring gaps and improve visibility across cloud and on‑premise environments.
• Maintain high‑quality technical documentation for detections, automations and operational workflows.

• Support secure configuration and operational security across Azure and associated cloud services.
• Collaborate with infrastructure and engineering teams to embed secure‑by‑design principles.
• Evaluate configuration changes and ensure alignment with security standards and controls.
• Support implementation and optimisation of Microsoft Defender security policies across endpoint, identity, cloud and email platforms.
• Contribute to the continuous improvement of cloud security posture across global operations.

• Support and enhance the vulnerability management programme across infrastructure, cloud and endpoint environments.
• Work with tools such as Microsoft Defender Vulnerability Management and Tenable to identify and prioritise vulnerabilities.
• Translate vulnerability findings into actionable remediation plans with technology stakeholders.
• Leverage cyber threat intelligence to improve detection capabilities and prioritisation…