Job Description
£75,000 GBP
Hybrid Working
Location: Central London, Greater London - United Kingdom
Type: Permanent
An opportunity exists for an experienced Cyber Security Operations Specialist to join a fast-growing Blue Team within a dynamic Cyber Practice. This senior role offers the chance to work on high-profile client engagements, delivering threat detection, monitoring, incident response, and security operations expertise. The role is ideal for a self-motivated professional with strong technical skills, inquisitive thinking, and a passion for protecting enterprise systems from evolving cyber threats.
The Role
The Cyber Security Operations Specialist will use advanced tools and threat intelligence to ensure effective incident detection and response across client environments. Working closely with security analysts and wider teams, the role combines detection engineering, monitoring, incident response and advisory responsibilities, with opportunities for mentoring junior staff and engaging with senior stakeholders.
Key Responsibilities
- Detection Engineering: Develop, maintain, and enhance security detection content for SIEM platforms (primarily Splunk) to identify threats across cloud, endpoints, and networks
- Identify gaps in detection coverage, log ingestion, and alerting, aligned with business risks and threat landscapes
- Review and optimise SecOps standards and capabilities, including logging requirements, detection trends, and operational improvements
- Conduct security monitoring, triage triggered alerts, and recommend enhancements (rota basis 9:00-17:30)
- Respond to and investigate cyber security incidents, escalating where necessary
- Provide mentorship and support for junior analysts, acting as a technical escalation point
- Serve as a technical SME on client engagements, including presenting findings and guidance to senior stakeholders
- Participate in alert testing, incident response exercises, and tabletop simulations
- Stay current with emerging threats and TTPs relevant to client environments
Additional Responsibilities (Client Dependent):
- Proactive threat hunting and development of tradecraft
- Incident response and playbook creation
- Collection and interpretation of threat intelligence and emerging attacker TTPs
- Vulnerability scanning, reporting, and management
- Leadership opportunities in client environments, including incident and operations management
Note: The role includes approximately one week per month on-call for high-priority incident response, with additional compensation. Frequency varies by client.
About the Candidate
The ideal candidate will have hands-on experience in cybersecurity operations and threat detection, with knowledge spanning network, cloud, and endpoint security. Key skills include:
Essential / Desirable Skills:
- Working knowledge of threat intelligence concepts (Pyramid of Pain, IPCE, Threat Intelligence Lifecycle)
- Detection engineering and alert development experience
- Scripting or programming skills (Python, Bash, C/C++, Java)
- Understanding of core cybersecurity concepts: network security, cryptography, cloud security, forensics
- Knowledge of network protocols and how they may be exploited by attackers
- Up-to-date awareness of APT groups and their TTPs
- Experience analysing Windows and/or Linux environments
Why This Role
This position offers the opportunity to work on high-profile, technically challenging security engagements, protecting critical systems and contributing to the growth of a leading cyber security practice. It is ideal for professionals seeking hands-on technical impact combined with mentoring, advisory, and potential leadership opportunities.