Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Analyse real-world attacks, build detections, and contribute to threat intelligence.
- Company: Privately backed cyber security product company focused on innovation.
- Benefits: Remote work, share options, and a high-trust environment.
- Why this job: Make a real impact on cyber security with cutting-edge technology.
- Qualifications: Experience in threat hunting, SIEM tools, and scripting skills.
- Other info: Opportunity for growth and influence from day one.
The predicted salary is between 50000 - 60000 £ per year.
We’re working with a privately backed cyber security product company focused on cyber deception and threat intelligence. They deploy internet-facing deception infrastructure, observe real attacker behaviour at scale, and turn that activity into detection and intelligence used by organisations globally. They are hiring two Cyber Security Analysts at different levels. This is not a SOC role. It suits people who enjoy threat hunting, analysis, and building detection capability, rather than responding to alerts.
What you’ll be doing:
- Analyse real-world attack activity captured from deception environments
- Investigate attacker techniques and exploitation patterns
- Map activity to TTPs, CVEs, and CWEs
- Build and refine detections, alerts, and behavioural indicators
- Write scripts to support analysis and automation
- Contribute to a threat intelligence and detection capability used by customers
What they’re looking for:
- Experience in threat hunting, threat intelligence, or advanced SOC or detection roles
- Evidence of building or improving detection capability, not just operating alerts
- SIEM experience such as Splunk, Sentinel, Rapid7, or similar
- Scripting or coding experience for analysis or automation, Python ideal
- Strong understanding of attacker behaviour and modern attack techniques
Important: this is not a role focused on consuming threat intel tools or reacting to tickets.
Tech snapshot:
- Scripting: Python preferred, plus Bash or PowerShell
- SIEM exposure: Splunk, Sentinel, Rapid7, or similar
- Cloud: Azure exposure helpful but not required
- Focus on analytics, automation, and detection engineering
Seniority and growth:
- Two hires, one more senior and one at a mid-level, roughly 3 to 4 years’ experience
- High ownership and influence from day one
- Share options available
Location:
- Remote within the UK
- Scotland preferred, with regular Edinburgh meetups and occasional Glasgow
- Light travel, roughly once per month
Why this role?
- No legacy SOC or rigid process to inherit - you help build the capability
- Exposure to real attack data at scale
- High‑trust, low‑bureaucracy technical environment
- Direct impact on both product and customers
Cyber Security Analyst in Lincoln employer: Experis Scotland
Contact Detail:
Experis Scotland Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Analyst in Lincoln
✨Tip Number 1
Network like a pro! Reach out to folks in the cyber security field on LinkedIn or at industry events. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your threat hunting projects or any scripts you've written. We love seeing practical examples of your work, and it gives you a chance to stand out from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on real-world attack scenarios. We recommend practising how you’d analyse and respond to these situations. It’ll show potential employers that you’re ready to dive into the role headfirst.
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for passionate Cyber Security Analysts. Plus, applying directly shows us you’re genuinely interested in being part of our team.
We think you need these skills to ace Cyber Security Analyst in Lincoln
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in threat hunting and detection capabilities. We want to see how you've built or improved detection systems, so don’t hold back on those details!
Show Off Your Skills: When writing your application, emphasise your scripting skills, especially in Python. If you've worked with SIEM tools like Splunk or Sentinel, let us know how you’ve used them to analyse real-world attack activity.
Be Clear and Concise: Keep your application straightforward and to the point. We appreciate clarity, so avoid jargon unless it’s relevant to your experience. Make it easy for us to see why you’re a great fit!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, we love seeing applications come in that way!
How to prepare for a job interview at Experis Scotland
✨Know Your Threat Hunting
Make sure you brush up on your threat hunting skills. Be ready to discuss specific techniques you've used in the past, and how you've mapped activities to TTPs, CVEs, and CWEs. This will show that you understand the core of what the role entails.
✨Showcase Your Scripting Skills
Since scripting is a big part of this role, be prepared to talk about your experience with Python, Bash, or PowerShell. If you have any examples of scripts you've written for analysis or automation, bring them along to demonstrate your capabilities.
✨Familiarise Yourself with SIEM Tools
Get comfortable with SIEM tools like Splunk, Sentinel, or Rapid7. Be ready to discuss how you've used these tools to build or improve detection capabilities, rather than just operating alerts. This will highlight your proactive approach to cyber security.
✨Understand Attacker Behaviour
Dive deep into modern attack techniques and behaviours. Being able to articulate your understanding of real-world attacker activity and how it informs your analysis will set you apart. Prepare to discuss recent trends or incidents that have caught your attention.