This Senior Cyber Security Analyst role operates under broad direction and is responsible for monitoring, analysing, and responding to security threats and incidents across a large digital environment. You will work within a security operations function to detect and respond to security events, conduct proactive threat hunting, support vulnerability management activities, and participate in incident response efforts. This is a hands-on security operations role suited to someone who enjoys technical analysis, structured incident response, and protecting complex enterprise environments from emerging cyber threats.
Key Responsibilities / Accountabilities:
- Monitor security events and alerts across networks and systems using Microsoft Defender and Microsoft Sentinel (SIEM).
- Analyse security incidents, determine scope and impact, and implement appropriate response actions.
- Conduct proactive threat hunting activities to identify potential security threats.
- Support vulnerability management processes including scanning, analysis, remediation tracking, and reporting.
- Participate in incident response activities including containment, eradication, and recovery.
- Document security incidents, response actions, and lessons learned to strengthen future response capabilities.
- Analyse malware, suspicious files, and indicators of compromise.
- Collaborate with IT operations teams to implement security controls and remediate vulnerabilities.
- Contribute to the development of security playbooks, procedures, and response plans.
- Generate reports on security incidents, trends, and metrics for management and stakeholders.
About you:
- Relevant tertiary qualification or equivalent work experience in information or cyber security.
- Demonstrated experience in security operations including monitoring, analysis, and incident response.
- Hands-on experience with Microsoft Sentinel (SIEM), including the ability to write or modify detection queries.
- Experience with Microsoft Defender or similar endpoint protection and response technologies.
- Broad understanding of infrastructure, platform, and cloud technologies.
- Strong analytical and problem-solving skills with the ability to identify potential threats from security events.
- Experience conducting vulnerability assessments and security testing.
- Knowledge of incident response methodologies and best practices.
- Ability to document technical findings and security incidents clearly.
- Strong communication skills with the ability to explain security concepts effectively.
- Ability to work under pressure during active security incidents.
Desirable:
- Query and scripting experience (e.g., KQL for Sentinel and Defender hunting, PowerShell, or Python) for automation or threat hunting.
- Hands-on experience with Tenable vulnerability management platforms.
- Reporting experience, including data analysis in Power BI and Microsoft Excel.
- Industry certifications such as Security+, GCIA, GCIH, CEH, or equivalent.
- Knowledge of digital forensics principles and tools.
- Experience with cloud security monitoring and cloud-specific threats.


