Senior Security Analyst

Social network you want to login/join with:

Our purpose is to make it easy for people to save and invest for a better future. We are looking for great people to join us, so please come and invest in YOUR future at Hargreaves Lansdown.

We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We’d love to hear from you!

About the role

The Senior Security Analyst will join an experienced team of security analysts and provide technical expertise into investigations and incidents. This role will focus on handling escalations from the team on alerts or incidents requiring deeper technical analysis, leading to recommendations and improvements. You will also handle proactive Threat Hunting and Detection Engineering within the team. These are heavily technical functions requiring a deep understanding of our tools, query languages, and the tactics, techniques, and procedures (TTPs) used by threat actors.

What you’ll be doing

• Provide detailed analysis of security incidents, ensuring proper documentation and escalation.
• Act as the escalation point for security incidents processed by the CTOC Analysts.
• Write detailed incident reports suitable for audiences with varying technical understanding.
• Support the Incident Response team with technical guidance and analysis during active incidents.
• Conduct proactive Threat Hunting based on incidents and operational activity.
• Maintain SME-level knowledge of security platforms used by the CTOC and develop skills as needed.
• Investigate threats using SIEM and cloud security solutions, and recommend countermeasures.
• Design, build, and deploy threat detections within the SIEM platform, ensuring they are effective and validated.

About you

• Proven experience in security operations or a technical security role supporting incident investigations and remediation.
• Strong security analysis skills utilizing SIEM technologies and query languages for threat hunting.
• Experience deploying threat-driven detections into SIEM environments.
• Proficiency with coding and scripting languages.
• Experience working within hybrid cloud environments.
• Up-to-date knowledge of current threats, vulnerabilities, and attack trends.
• Understanding of enterprise networking and operating systems (Windows, Linux, macOS) and networking principles (TCP/IP, DNS, VPN).
• Knowledge of network security technologies such as firewalls, IDS/IPS.

Interview process

The process includes an introductory call and a competency-based interview.

Working Schedule

This is a permanent, full-time role based in Bristol, BS1 5HL, working 37.5 hours per week, Monday to Friday. We offer flexible working, including options for working from home and coming into the office once or twice a month.

Why us?

We are the UK’s leading investment platform for private investors, based in Bristol, with over 40 years of helping investors save on their investments.

Our workplace promotes continuous learning, dynamic teams, and a strong ethos aligned with our core values of service, quality, innovation, and opportunity.

What's on offer?

• Discretionary annual bonus and pay review
• 25 days holiday plus bank holidays and an additional Christmas closure
• Option to purchase extra holiday days
• Flexible and hybrid working options
• Enhanced parental leave
• Pension scheme with up to 11% employer contribution
• Income Protection and Life insurance (4x salary)
• Private medical insurance
• Health care cash plans including optical, dental, outpatient care
• Health screening programmes