Cyber Security Analyst
Job description
We're looking for a Cyber Security Analyst who's excited about the future of AI-assisted defence and wants to be part of an internal Security Operations team. You'll join a progressive Information Security function, reporting directly to the Information Security Manager, and take a hands-on role in monitoring and responding to threats across our networks, servers, endpoints, and cloud environments.
At LRQA, our philosophy is built around an offensive security mindset: understanding attacker behaviour, anticipating their moves, and using automation and AI-powered insights to stay ahead. As part of our growing team, you'll dive into real technical challenges, work with teammates who share a passion for security innovation, and help us push our capabilities forward.
NOTE: This role supports LRQA's internal security team and is not part of the LRQA Nettitude Managed Services function.
What You'll Do
- Operate and optimise LRQA's AI-enhanced Microsoft Defender security tooling, using machine-learning insights and automated threat detection to identify, investigate, and respond to incidents.
- Apply offensive-security thinking to analyse attacker TTPs and strengthen LRQA's detection engineering.
- Continually refine SOC processes, using automation to reduce noise and amplify analyst impact.
- Act as a key point of contact during security incidents, helping shape remediation strategies.
- Experiment with new technologies, leverage AI-driven capabilities, and contribute to a culture of continual learning and innovation.
Requirements
Do you have experience in penetration testing?
- Hands-on experience with the Microsoft Defender security stack: alert triage, incident investigation, vulnerability analysis, and tuning detections for maximum signal-to-noise reduction.
- Background in penetration testing or security operations, with strong knowledge of attack paths against Windows AD/AAD environments.
- Strong documentation discipline, especially around procedures and technical processes.
- Calm, structured approach under pressure, particularly during live security incidents.
- A growth mindset, curiosity about AI/automation, and willingness to learn unfamiliar tools.
- Passion for optimising existing security tooling rather than relying on unnecessary products.
- Good understanding of attacker Tactics, Techniques, and Procedures (TTPs) and the ability to interpret threat intelligence.
- Ability to work independently as well as collaboratively within a high-trust, high-autonomy team.
- Creativity and commitment to reducing security risk, using both human intuition and automated intelligence.
Desirable Skills
- Experience with Microsoft Sentinel, Zscaler, or other AI-enabled cloud security technologies.
- Additional Microsoft certifications: Microsoft SC-200 certified, SC-300, SC-400, SC-900.
- Offensive security certifications such as OSCP, eCPPT, or hands-on experience via HackTheBox, TryHackMe, etc.
- Familiarity with modern tooling such as EDR, CSPM, PAM, NGFW, vulnerability management, and email security platforms.
Hybrid role based in the UK, combining home working with office-based collaboration, workshops, and team sessions. Applicants must be UK residents.