Information Security Analyst

Information Security Analyst (Incident Response & Monitoring) – Up to £75,000 – London (Hybrid)

We are seeking an experiencedInformation Security Analyst (AVP-level)to join a growing Cyber Security team in London. This is a hands-on technical role within theSecurity Operations and Incident Response function, responsible for threat detection, incident handling, and improving the effectiveness of the security monitoring landscape.

This role is based in London and offershybrid working, flexible hours, and a supportive working environment.

Key Responsibilities

Incident Response & Security Operations

• Detect, analyse, and investigate security incidents across infrastructure and application layers.
• Coordinate incident response, containment, and remediation efforts across business and technical teams.
• Develop threat detection use-cases and optimise alerting within SIEM and IR tooling.
• Perform deep-dive forensic analysis of network traffic, logs, and endpoint telemetry.
• Enhance the security incident lifecycle through established frameworks (MITRE ATT&CK, Kill Chain, Diamond Model).

Threat Detection & Security Monitoring

• Improve monitoring coverage across systems through custom detections, threat intelligence feeds, and IOC integration.
• Lead the development of threat hunting and behavioural analytics capabilities.
• Review and improve control effectiveness across the security tech stack (SIEM, EDR, DLP, IDS/IPS, etc.).
• Contribute to internal vulnerability management processes and security hardening efforts.

Security Governance & Stakeholder Engagement

• Support penetration testing coordination and risk remediation with application and infrastructure teams.
• Contribute to the implementation and refinement of standard operating procedures for incident handling.
• Assist in security risk assessments, reporting, and internal security awareness initiatives.

Essential Skills & Experience

• Experience inincident response, threat hunting, and forensic analysis.
• Strong understanding ofSIEM platforms(e.g. Splunk, QRadar, etc.) and detection engineering.
• Familiarity withsecurity frameworkssuch as MITRE ATT&CK, NIST, and cyber kill chain methodologies.
• Ability to analyse network traffic (Wireshark or equivalent), logs, and host-based artifacts.
• Strong working knowledge of operating systems (Windows, Linux), and enterprise infrastructure (networking, cloud, VPN, etc.).
• Knowledge ofvulnerability management processesand secure configuration benchmarking (e.g., CIS).
• Hands-on experience withsecurity monitoring tools, packet inspection, and advanced threat detection.

Desirable Certifications

• GIAC certifications such as GCIH, GCIA, GCFA (or equivalent).

Additional Information

• Salary: Up to £75,000 (depending on experience)
• Location: London-based with hybrid working
• Hours: Standard business hours with flexibility (occasional coverage between 7am–7pm as needed)