×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Senior Security Analyst

Job in Livingston, West Lothian, EH54, Scotland, UK
Listing for: Made Tech Limited
Full Time position
Listed on 2026-07-06
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below

Made Tech helps UK public sector organisations build and run secure, user‑centred digital services. Our Cyber practice works directly with government departments, agencies and other public bodies—embedding alongside client teams to raise their security capability, not just deliver a report and leave. As a Senior Security Analyst, you will be a core part of that practice, operating in a security operations context where the stakes are real: the systems we protect carry sensitive public data and underpin services that people depend on.

This is a hands‑on technical role with genuine scope and influence. You will lead threat hunts and intrusion investigations, author and tune detection content, and help your team respond to incidents in a way that leaves things better than you found them. You will translate threat intelligence into actionable detections, align your work to frameworks such as the NCSC Cyber Assessment Framework and Gov Assure, and communicate clearly with client security stakeholders who need to understand what is happening and why it matters.

You will own significant pieces of the SOC’s work end‑to‑end—not just executing tasks, but making considered decisions and being clear about trade‑offs.

At Senior level, the role is about more than your own output. You will help junior analysts develop their triage tradecraft, normalise pairing on incident response, contribute to shared detection standards across the practice, and model the kind of blameless, collaborative culture that makes a security team genuinely effective. If you are looking for a role where you can grow technically, build real influence within a team and do meaningful work for the public sector, this is it.

Key

responsibilities
  • Lead threat hunts and intrusion investigations — form and test hypotheses, map adversary activity against MITRE ATT&CK, perform forensic artefact analysis, and establish scope and root cause clearly enough that the team and client can act on your findings.
  • Author, tune and peer‑review detection content — treat detections as code (version‑controlled, reviewed), translate threat intelligence into new rules, and contribute to iterative improvement of the SIEM ruleset; onboard new log sources, including cloud and application feeds, to close coverage gaps.
  • Own sub‑cycles of the intelligence lifecycle — run structured collection against defined requirements, track actor TTPs, manage indicator life cycles, and produce situational‑awareness products that inform both detection priorities and client risk decisions.
  • Lead incident response and drive improvement — co‑ordinate containment across engineering and analyst teams, communicate incident detail clearly to client stakeholders, and turn every incident into improved detection content, hardening, or run‑book coverage; design for resilience by anticipating failure modes and ensuring systems degrade gracefully.
  • Build SOAR playbooks and auto‑triage — identify toil and repetition in analyst workflows, and build automation that saves the team time and improves consistency without removing human judgement where it matters.
  • Align security operations to UK public sector standards — ensure investigations, evidence handling, and detection coverage reflect NCSC CAF Objective C, Gov Assure requirements, and lawful‑monitoring obligations; feed gaps back into risk governance.
  • Mentor junior analysts and raise team standards — pair deliberately on complex investigations, review triage work, share adversary tradecraft with the team, and help create an environment where people feel safe raising concerns and learning from mistakes.
  • Contribute to the practice beyond your immediate engagement — improve shared SOC standards and onboarding documentation, turn good solutions into reusable playbooks and accelerators the next team can pick up, contribute detection content to practice‑level repositories, and engage with cross‑government security communities such as NCSC CISP and relevant ISACs.
Skills, knowledge and expertise
  • Hold one of the following - Systems Security Certified Practitioner (SSCP), CompTIA Security+, or an equivalent foundational operational security credential expected…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary