Requirements
- Hands-on experience monitoring, detecting, analysing, investigating, and responding to cyber security threats.
- Strong understanding of cyber security operations and incident response, including root cause analysis and post-incident review activities.
- Experience working with SIEM and SOAR platforms, including alert analysis, detection tuning, and response automation.
- Experience performing threat hunting and integrating threat intelligence into operational security activities.
- Practical experience with cloud security concepts and services, particularly within AWS environments, including logging, telemetry, native security controls, and common attack patterns.
- Experience improving security operations through automation and configuration-as-code approaches.
- Familiarity with Infrastructure-as-Code and CI/CD tooling (e.g. Terraform, GitLab CI/CD, or equivalent), with the ability to review and influence security controls within engineering workflows.
- Experience working within DevOps or squad-based delivery environments, collaborating closely with engineers and architects.
- Strong communication skills, with the ability to explain security issues clearly to both technical and non-technical audiences, particularly during incidents.
Work Arrangement
Hybrid — Cambridge, Leeds, London