Senior Security Analyst

The role 

As a Senior Security Analyst in our Security Operations Center (SOC) and Computer Security Incident Response Team (CSIRT), you will be responsible for detecting, investigating, and responding to security threats across our business unit infrastructure. You will lead threat hunting initiatives, manage incident response workflows, and ensure the security posture of IT systems through advanced monitoring and analysis tools including SIEM platforms, EDR solutions, threat intelligence systems, and automated response orchestration.

This role demands an expert proficient in threat detection and incident response at enterprise scale, capable of providing strategic technical guidance and establishing security best practices. A strong grasp of attack methodologies, threat landscapes, cloud security principles, and modern incident response frameworks is essential.

What you will do 

• Performs research and analysis of log sources originating from security and networking devices, such as firewalls, routers, proxy servers, anti-virus products, and operating systems to detect and respond to sophisticated cyber threats.
• Conducts threat hunting and perform analysis of raw data to identify advanced malicious activities for which standard signatures or content do not yet exist.
• Develops, and refines detection content across SIEM, IDS/IPS, and other security technologies, ensuring scalability and effectiveness in detecting emerging threats.
• Optimizes SIEM operations and integrates with other security technologies, enhancing overall SOC performance.
• Develops reports and dashboards, providing actionable insights for SOC leadership and key stakeholders.
• Proactively contributes to and drives improvements in the overall Security Operations framework, ensuring alignment with industry best practices and emerging threat landscapes.
• Develops security event enrichment techniques and processes to enhance threat detection and response efficiency, most notably using threat intelligence datasets.
• Designs and maintain comprehensive, detailed triage playbooks that support SOC Analysts during high-priority incidents.
• Participates in complex incident response activities, particularly in the analysis, containment, and recovery phases.
• Manages and contributes to projects that enhance the maturity and capabilities of the SOC, aligning with organizational security objectives.
• Monitors intelligence sources in order to maintain situational awareness of the ways to detect emerging cyber threats.
• Develops, maintains, and continually improves documentation related to security event logging, monitoring processes, and detection strategies.
• Communicates regularly with key stakeholders to ensure that security event monitoring requirements are understood, met, and continuously refined.
• Develops automated pipelines for detection, triage and response within the team's SOAR.

• Ensure that you adhere to the Governance, Risk & Compliance (GRC) obligations for your role. 
• Identify and raise any non-compliance incidents promptly to your line manager. 
• Challenge processes, policies and projects that will negatively impact compliance within the Group. 
• Complete all mandatory compliance training assigned to you. 
• Reach out to the Compliance Teams if unsure of any of your compliance obligations or the requirements are unclear.