The Information Security Analyst plays a key role in delivering the organization's information security roadmap by combining technical expertise with cross-functional collaboration. This role is responsible for supporting day-to-day security operations, including security monitoring, threat detection, incident response, and the continuous improvement of security processes and capabilities.
Working in a dynamic and fast-paced environment, you will serve as a security subject matter expert, providing technical guidance, consultancy, and security advice to projects and business stakeholders. Leveraging your experience in Information Security, you will proactively identify threats, enhance detection capabilities, and help strengthen the organization's overall security posture while ensuring the consistent delivery of security services.
The role blends hands-on technical responsibilities with business engagement, including supporting security initiatives, developing and optimizing monitoring and detection capabilities, participating in incident response activities, and collaborating closely with teams across Security Architecture, Governance, Risk & Compliance (GRC), Security Engineering, and IT to implement and maintain effective security controls.
We're looking for a security professional who enjoys solving complex technical challenges, thrives in a collaborative environment, and has a passion for continuous improvement.
You should have:
Hands-on experience working within Information Security Operations.
Practical experience supporting Security Operations Centre (SOC) and Incident Response functions.
Experience administering, tuning, and maintaining Web Application Firewall (WAF) technologies.
Experience investigating and responding to security incidents using established incident response methodologies.
Proven experience performing proactive threat hunting using SIEM, EDR/XDR, cloud, and identity telemetry.
Experience working with enterprise SIEM platforms such as Splunk.
Experience with Microsoft Defender for Endpoint or equivalent Endpoint Detection and Response (EDR/XDR) technologies.
Experience monitoring and investigating security events within AWS environments.
Strong understanding of security monitoring, detection engineering, and alert optimisation.
Experience writing and troubleshooting SIEM queries using SPL, KQL, or equivalent query languages.
Experience analysing logs from endpoint, identity, network, cloud, and application sources.
Good understanding of identity and access security, including Microsoft Entra ID and Active Directory.
Strong knowledge of common attack techniques, adversary behaviours, and the MITRE ATT&CK framework.
Solid understanding of networking fundamentals, including DNS, HTTP/S, TLS, and authentication protocols.
Familiarity with email security technologies including SPF, DKIM, and DMARC.
Understanding of security methodologies, industry best practices, and recognised frameworks.
Knowledge of security and risk frameworks such as NIST 800 and ISO 27001.
Strong communication skills with the ability to engage effectively with both technical and non-technical stakeholders.
An understanding of how business priorities, regulatory requirements, and technical constraints influence cybersecurity decisions.
Desirable Experience