Embedded Cyber Detection and Response Analyst

Control Risks Group Holdings Ltd
Charing Cross, United Kingdom
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Intermediate

Job location

Charing Cross, United Kingdom

Tech stack

Amazon Web Services (AWS)
Data analysis
Azure
Log Analysis
Security Information and Event Management
Cloud Platform System
Mitre Att&ck
Malware
Cybercrime
Dart
Cyber Warfare
Splunk

Job description

The Cyber Detection and Response Analyst supports day-to-day detection, investigation, and response activities as part of a Cyber Detection and Response Team (DART). This is a hands-on technical role focused on identifying, analysing, and responding to cyber threats across the client's environment, working closely with Security Engineering and broader security stakeholders.

This role will be a part of a 24/7 team and cover one of two shifts: Sunday-Thursday 9:00 am-5:00 pm GMT or Tuesday-Saturday 9:00 am-5:00 pm GMT, * Monitor, triage, and investigate security alerts and events across endpoint, network, cloud, and identity systems.

  • Support incident response activities including analysis, containment, remediation, and documentation.
  • Execute established incident response playbooks and contribute to their continuous improvement.
  • Perform threat hunting activities to identify potential compromises and gaps in detection coverage.
  • Leverage threat intelligence to inform investigations and detection tuning.
  • Collaborate with Security Engineering to tune detection logic and improve security controls.
  • Produce clear, concise incident reports and support root cause analysis and remediation efforts.
  • Support on-call rotations and escalation processes as part of a 24/7 detection and response capability.

Requirements

  • 3-5 years of experience in cybersecurity, with a focus on incident response, SOC operations, or cyber defense.
  • Hands-on experience with SIEM, EDR/XDR, and log analysis tools (e.g., Splunk, Sentinel, CrowdStrike).
  • Practical understanding of incident response methodologies and frameworks such as MITRE ATT&CK and NIST.
  • Familiarity with threat hunting, malware analysis, or forensic investigation techniques.
  • Exposure to cloud environments (AWS, Azure, or GCP) and modern enterprise architectures is preferred.
  • Strong analytical and problem-solving skills, with the ability to communicate technical findings clearly.
  • Relevant certifications (e.g., Security+, GCIH, GCIA, or equivalent) are a plus.

Apply for this position