Description
Protect and enhance our customers’ security by leading investigations, response, and proactive threat hunting across diverse environments. This role combines hands-on detection and response with service uplift—driving automation, improving playbooks and processes, and mentoring analysts to deliver a high-quality MDR service at scale.
This is an exciting opportunity for a senior analyst to play a key role in operating an innovative managed detection and response (MDR) service. The individual will be responsible for investigating and remediating detections from our security tooling across a growing global customer base, as well as supporting customers with queries and engaging in proactive threat hunting based on data from our threat intelligence sources.
The role is technically hands-on, requiring established investigation and log analysis skills. The candidate will also support the ongoing improvement of the service across people, process, and technology, and play a role in customer onboarding and management and information sharing with other internal teams.
What You’ll Be Doing
Service Delivery
* Act as a senior member of our team of security analysts, ensuring assigned detections and requests are addressed promptly, necessary technical actions are taken, and outcomes are clearly communicated to customers.
* Triage and analyse detections from security tooling deployed within our customers' environments to determine which are false positives and which are true positives requiring remediation.
* Perform remediation of malicious files, persistence mechanisms and other artefacts and threats, both through our security tools' built-in capabilities and remotely using PowerShell.
* Triage customer emails received via the MDR mailbox and provide support on requests including user management, ad hoc investigations, and security tool troubleshooting.
* Monitor for detection trends and identify opportunities for allow/block listing to improve service efficiency.
* Contribute to new customer onboarding, including providing guidance on the deployment of our tools within customer environments, and ongoing customer management.
Service Development
* Provide ongoing feedback on processes and technologies, and support the development of documentation and assessment of potential new technologies to improve our service.
* Develop new technical material to automate/enhance our service (e.g. PowerShell scripts for automatic identification and remediation of common threats) and improve efficiency.
* Assist in developing team members' skills in detection analysis and remediation, customer query management, and proactive threat hunting through knowledge sharing and mentoring.
What you'll bring
* Strong SecOps judgement: You quickly separate signal from noise, assess risk, and choose the right containment/eradication approach.
* Clear communication: You can translate technical findings into practical advice that customers understand and can act on.
* Automation mindset: You look for repeatable tasks to script, standardise, or push into detection content and SOAR/playbooks.
* Calm under pressure: You prioritise effectively, handle multiple concurrent cases, and uphold quality documentation.
Experience
Essential
* Significant SecOps experience with a focus on detection and response.
* Experience investigating and remediating security incidents using EDR/XDR tools.
* Working knowledge of common log query languages/syntax (e.g. SQL, Splunk, KQL).
* Strong understanding of endpoint security, networking protocols, and cloud technologies.
* Excellent communication skills in written and spoken English and attention to detail.
Desirable
* Experience in programming/scripting for security tooling and SOAR platforms.
* Working knowledge of the MITRE ATT&CK framework.
* Understanding of Microsoft Windows Active Directory environments.
* Experience in playbook development, detection engineering, and control hardening.
* Mentoring or team leadership experience within a SOC/MDR context.
* Relevant certifications (e.g., GCIH, GCFA/GCFE, EDR vendor certifications, cloud vendor certifications, Security+) and/or a related degree.
Why You’ll Love Working With Us
* Be part of a GLOBAL team (we have offices in the USA, UK and Australia)
* State of the art modern office
* Great team culture
* Fun social events
* Training opportunities
* Extra day off to celebrate your Birthday
* We also value experience and drive over traditional qualifications. We promote a healthy team dynamic through collaboration and are never too proud to ask each other for help.
We love our workplace, and we think you will too.