5+ years in security operations with proven ability in detection engineering, incident response, and threat hunting in cloud-native (AWS, GCP, Azure) and SaaS environments built on zero-trust principles.
Advanced Splunk expertise (complex SPL, data models, dashboards, alerts).
Strong knowledge of network protocols and OS internals (macOS, Linux, Windows).
Proficiency with security tools (e.g., EDR, XDR, CASB, SOAR) and with analyzing large datasets.
Coding skills (e.g., Python, PowerShell) for automation and data analysis.
Demonstrable understanding of, and passion for, AI/ML applications in cybersecurity.
Continuous learner with strong problem-solving and collaboration skills.
Nice to Have:
Deep understanding of macOS/Linux internals for forensic analysis.
Mastery of the full detection engineering lifecycle, from threat modeling to refinement.
Experience developing custom Splunk applications (apps, TAs) or applying AI/ML models (MLOps a plus).
Proven success in implementing automation (e.g., SOAR playbooks) to scale security operations.
Experience leading security assessments (e.g., penetration testing, red/purple teaming).
A portfolio of independent research, tool development, or security community contributions.
Passion for mentoring and knowledge sharing.
What You'll Be Doing:
Develop, test, and refine threat detection strategies and use cases using threat intelligence (e.g., MITRE ATT&CK) and attack simulations.
Engineer advanced Splunk solutions (SPL queries, dashboards, reports) for threat detection, contextualization, and automated workflows.
Champion and integrate AI/ML to enhance detection accuracy, automate responses, and reduce MTTD/MTTR.
Support critical incident response efforts with investigation, containment, and remediation.
Provide security consultation to internal teams on OpSec, secure infrastructure design, and risk mitigation.