Security and Privacy Operations Analyst - 6 Month Day Rate Contract

Information Security is responsible for the stability, maturity, and continuous improvement of the firm’s operational security and privacy controls. This includes leading the monitoring, detection, response, and management of cyber and data‑related risks while ensuring compliance with UK GDPR, industry standards (ISO27001), and client expectations. The role plays a key part in the operational management of security and privacy risk across the firm’s technology environment, working with third‑party service providers to ensure effective operation of threat detection, incident response, data protection controls, and operational workflows supporting UK GDPR compliance.

Key Responsibilities

• Monitor security event identification via the third‑party security operations service.
• Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.
• Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.
• Contribute to threat hunting activities using KQL queries and intelligence‑led techniques.
• Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.
• Facilitate security testing and awareness through threat simulations.
• Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).
• Conduct data discovery and collection across systems, ensuring completeness and accuracy.
• Support DPIA processes through data mapping, evidence gathering, and risk assessment input.
• Help maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows.
• Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps).
• Verify compliance with expected practice in the operation of technology services, including security baseline and access right reviews.
• Support vulnerability management by tracking remediation, validating fixes, and assisting with reporting.
• Gather and analyse data to identify trends, gaps, and areas for control improvement.
• Assist with periodic control reviews, audits, and compliance checks as required.
• Prepare operational reports, dashboards, and metrics for the Team Lead and wider stakeholders.
• Develop and maintain playbooks, runbooks, and procedural documentation.
• Contribute to continuous improvement activities, including identifying opportunities to streamline operations.
• Ensure all actions adhere to internal policies, regulatory requirements, and industry best practice.

Qualifications & Experience

• Minimum 5+ years’ experience in a security operations, IT security, privacy operations, or related technical role.
• Familiarity with Microsoft Defender XDR, Microsoft Sentinel (SIEM/SOAR), and privacy‑management solutions (e.g., Purview, OneTrust).
• Basic understanding of key cybersecurity and privacy concepts such as threat detection and analysis, incident response lifecycle, vulnerability and exposure management, data‑privacy principles, and data‑subject rights.
• Experience analysing logs, alerts, or data from security tools.
• Strong documentation, investigation, and analytical skills.
• Desirable: hands‑on experience writing KQL queries, PowerShell, or CLI commands.
• Exposure to automation or playbooks (Logic Apps, Defender workflows).
• Knowledge of frameworks such as MITRE ATT&CK or NIST CSF.