Security and Privacy Operations Analyst

Location: Greater London

* Monitor security event identification via the third-party security operations service.
* Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.
* Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.
* Contribute to threat hunting activities using KQL queries and intelligence-led techniques.
* Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.
* Facilitate security testing and awareness through threat simulations.
* Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).
* Conduct data discovery and collection across systems, ensuring completeness and accuracy.
* Support DPIA processes through data mapping, evidence gathering, and risk assessment input.
* Help maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows.
* Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps).
* Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews.
* Support vulnerability management by tracking remediation, validating fixes, and assisting with reporting.
* Gather and analyse data to help identify trends, gaps, and areas for control improvement.
* Assist with periodic control reviews, audits, and compliance checks as required.
* Prepare operational reports, dashboards, and metrics for the Team Lead and wider stakeholders.
* Develop and maintain playbooks, runbooks, and procedural documentation.
* Contribute to continuous improvement activities, including identifying opportunities to streamline operations.
* Ensure all actions adhere to internal policies, regulatory requirements, and industry best practice.
* 3+ years’ experience working in a security operations, IT security, privacy operations, or related technical role.
* Familiarity with:  + Microsoft Defender XDR  + Microsoft Sentinel (SIEM/SOAR)  + Privacy Management Solutions (e.g. Purview, One Trust)
* Basic understanding of key cybersecurity and privacy concepts, such as:  + Threat detection and analysis  + Incident response lifecycle  + Vulnerability and exposure management  + Data privacy principles and data subject rights
* Experience analysing logs, alerts, or data from security tools
* Strong documentation, investigation, and analytical skills.
* Hands‐on experience writing KQL queries, Power Shell, or CLI commands.
* Exposure to automation or playbooks (Logic Apps, Defender workflows).
* Knowledge of frameworks such as MITRE ATT&CK or NIST CSF.
* Relevant certifications such as:  + SC‐900, SC‐200 (or working toward), AZ‐900, AZ‐500  + CISSP, CIPP/E, CompTIA Security+  + Foundation‐level data privacy certifications (e.g., BCS Certificate in Data Protection)
* Strong problem‐solving ability and attention to detail.
* Curious and proactive mindset with willingness to learn.
* Effective communicator able to document findings clearly and concisely.
* Highly organised and able to manage multiple tasks with competing priorities.
* Collaborative team player with a commitment to continuous improvement.
* Monitor security event identification via the third-party security operations service.
* Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.
* Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.
* Contribute to threat hunting activities using KQL queries and intelligence-led techniques.
* Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.
* Facilitate security testing and awareness through threat simulations.
* Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).
* Conduct data discovery and collection across systems, ensuring completeness and accuracy.
* Support DPIA processes through data mapping, evidence gathering, and risk assessment input.
* Help…