×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Security Detection & Response II

Job in Chester, Cheshire, CH1, England, UK
Listing for: Bank of America
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 55000 - 85000 GBP Yearly GBP 55000.00 85000.00 YEAR
Job Description & How to Apply Below

Job Title:

Security Detection & Response II

Location:

Chester Role

Description:

We are seeking an experienced and motivated Security Detection & Response Analyst (SDR II) to join the GIS Monitoring and Triage team. This role supports cybersecurity operations across threat detection, investigation, response, and continuous service improvement.

You should be an experienced security practitioner capable of operating within the end‑to‑end detection and response lifecycle (detect → investigate → respond → improve), combining broad analytical capability with an engineering mindset to rapidly identify, investigate, and contain threats. The analyst will operate across multiple security domains, validating detections, investigating threats, and executing response actions with sound judgement.

This role requires cross‑domain security expertise, broad analytical and engineering capabilities, and the ability to leverage automation, orchestration, and AI‑driven technologies to improve detection outcomes, reduce manual effort, and continuously enhance overall security effectiveness.

This team work on a follow the sun methodology with weekends and bank holidays included; the shifts will be 4 10‑hour shifts:
Sunday–Wednesday or Wednesday to Saturday.

Responsibilities:
  • You will operate within the end‑to‑end detection and response lifecycle (detect → investigate → respond → improve), including analysing logs and telemetry from multiple sources to establish attack scope, impact, and root cause.
  • You will build, validate, tune, and optimise detection logic and coverage, leveraging attacker tactics, techniques and procedures (TTPs) and frameworks such as MITRE ATT&CK to improve accuracy and reduce false positives.
  • Execute and coordinate security event response activities, including containment, isolation, escalation, and remediation, applying sound judgement during active engagements.
  • You will maintain and improve automation and orchestration capabilities, including SOAR workflows, automated playbooks, scripted response actions, and AI‑driven enhancements to reduce manual effort and improve detection and response outcomes. Accountable for measurable improvements in MTTR, detection quality, and signal‑to‑noise ratio.
  • You will document and communicate security event findings, including timelines and lessons learned, while providing clear updates to stakeholders and driving continuous improvement in detection and response processes.
  • Identify gaps in monitoring and detection coverage, contributing to operational maturity through continuous improvement initiatives, metrics, and enhancements to detection, response, and automation capabilities.
  • Support integration of partner use cases into detection and monitoring workflows.
  • Guide and instruct junior members of the team to support the achievement of professional goals.
What we are looking for:
  • Experience in security operations, incident response, detection engineering, or related cybersecurity functions within a production environment.
  • Experience in security detection, investigation and response across multiple domains, with the ability to pivot across data sources and independently manage end‑to‑end investigations from initial triage through post‑incident improvement.
  • Ability to build, validate, and tune detections and response workflows, including reducing false positives.
  • Considerable proficiency in log analysis, telemetry interpretation and cross‑system data correlation, including the ability to query, manipulate, and optimise data using KQL, SPL, SQL, or similar languages for investigative and detection use cases.
  • Practical experience with containment, response actions and automation including developing or maintaining SOAR workflows, API integrations and scripted response actions using sound judgement.
  • Experience with security platforms and technologies including SIEM, EDR/XDR, identity security and cloud security.
  • Working knowledge of identity and access systems and common attack paths including credential theft, privilege escalation and session/token abuse.
  • Considerable understanding of attacker tactics, techniques and procedures (TTPs) including MITRE ATT&CK.
  • Record of improving…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary