At a Glance
- Tasks: Monitor and protect IT systems from cyber threats while leading incident response efforts.
- Company: Join EWT, the UK's internal tech division focused on security and innovation.
- Benefits: Enjoy a dynamic work environment with opportunities for growth and collaboration.
- Why this job: Be part of a crucial team that safeguards businesses against cyber risks and enhances security posture.
- Qualifications: Prior experience in Cyber Security and familiarity with SIEM tools are essential.
- Other info: On-call duties required; must be SC cleared.
The predicted salary is between £48,000 and £84,000 per year.
Senior Threat Detection Analyst
Capability: Enterprise-Wide Technology
Team: Threat Detection (SOC)
Job Title: Senior Threat Detection Analyst
Enterprise-Wide Technology
EWT is the UK Firm’s internal technology division and is accountable for delivering a range of services to the UK Firm. Taking a holistic approach, this includes gathering requirements, solution design, build and run and the execution of complex change portfolios focused on security, data, core infrastructure and business applications.
Threat Detection Team
The Team is an important function within Security Operations. The team plays a key role in ensuring that the business IT systems are protected from, and monitored for, cyber threats. The team works with external MSSPs to monitor, analyse and report cyber security threats and to respond accordingly. The team works with the different internal business capabilities to ensure that the security monitoring service is embedded into their solutions. The team is also responsible for making sure that security monitoring is aligned with the cyber threat landscape and business risks on an ongoing basis.
Senior Threat Detection Analyst (SOC)
The person will play a key role in ensuring that the business IT systems are protected from, and monitored for, threats. They will participate in the active monitoring of the security sensors, ensure that appropriate actions are taken as part of the Incident Response process, and work with the different business capabilities to ensure that the security monitoring service is embedded into their solutions.
You will be part of the SOC on-call rota and will typically be required to be on-call for one week at a time during a month.
Key Responsibilities
- Act as an escalation point for other security analysts in the SOC, including 3rd party MSSP
- Co-ordinate SOC team response and work with Threat Detection manager to improve triage processes
- Deputise for the Threat Detection Manager with full delegated responsibilities, when required
- Proactively monitor the network security sensors ensuring timely detection, investigation and remediation of potential threats in line with the incident management lifecycle
- Use the advanced security analytics toolsets to monitor for emerging threat patterns and vulnerabilities, attempted or successful breaches
- Work closely with other teams to ensure that all technologies are actively monitored, including troubleshooting where necessary
- Interact with the Global Security Operations Centre (GSOC) & MSSP, including Incident response and intelligence sharing, escalating to management where required
- Triage and manage incidents, events and queries from the business to the relevant resolver group
- Contribute to the Continual Service Improvement of the team's operations through proactive analysis, engagement and collaboration
- Detect, respond and coordinate response for security events while capturing essential details and artefacts
- Operationalise actionable intelligence reports from Threat Intelligence team and external sources
- Maintain event response documentation, participate in post-mortems, and write event reports
- Contribute to projects that enhance the security posture of the business
- Identify trends, potential new technologies, and emerging threats, which may impact the business
- Review and prioritise alerts based on Standard Operating Procedures
- Review and triage suspected security events reported by staff members or Security Monitoring platforms
- Accurately document work in Incident case management system as per defined standards
- Leverage multiple data sources to analyse detection alerts and staff reported cyber-attacks to identify which events require response activities based on Standard Operating Procedures
- Declare an incident and escalate it to Incident Response team, ensuring findings have been accurately captured in the Incident case management system as per defined standards
- Ensure that cases are accurately categorised to ensure the appropriate feedback is provided to the Detection and Response Engineering team and to facilitate reporting
- Identify and record gaps in visibility and security posture through the course of investigations as per defined Standard Operating Procedures
- Identify potential new detection logic and escalate to the Detection and Response Engineering team
- Hunt for threat indicators from log data and other available endpoint/network artefacts
Key Attributes
- Prior experience in Cyber Security
- Experience of working in a Security Operations Centre or Security Monitoring Team
- Experience with managed security services and security consulting would be a plus
Essential Skills and Experience
- Hands-on SIEM and EDR tooling knowledge and experience, including technologies such as Microsoft Sentinel, Microsoft Defender Suite, etc.
- Experience in end-to-end information security incident management and in mitigating and addressing threat vectors including Advanced Persistent Threats (APTs), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
- Experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls, firewall logs, system logs, web logs, application logs and Security Information and Event Management (SIEM) systems
- Experience with technologies, tools, and process controls to minimise risk and data exposure
- Experience in search query languages such as KQL, OSquery or SPL
- Solid experience of working in Cloud environments such as AWS, Azure and GCP
- Experience with building threat-based Use Cases using frameworks such as MITRE ATT&CK
- Solid understanding of ISO 27001, Cyber Essentials/Essentials Plus, GDPR and other information security-related regulatory and compliance standards
- Understanding of security threats, attack scenarios, intrusion detection and incident management
- Ability to function effectively in a matrix structure
- Ability to deal with ambiguity and to keep a cool head when dealing with crisis or stressful situations
- Strong analytical skills
- Apply analytical rigor and demonstrate business acumen to understand complex business scenarios
- Fluent in English
- Already holds, or can be SC cleared
Desirable Skills and Experience
- Bachelor’s degree in Computer Science or related field
- Information Security and/or Information Technology industry certification (CISSP, SANS GIAC, SC-200, AZ-500 or equivalent)
If this sounds of interest please apply or reach out to
Senior Threat Detection Analyst employer: Lorien
Contact Detail:
Lorien Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Threat Detection Analyst
✨Tip Number 1
Familiarize yourself with the specific tools and technologies mentioned in the job description, such as Microsoft Sentinel and EDR tooling. Having hands-on experience or relevant certifications can set you apart from other candidates.
✨Tip Number 2
Engage with online communities or forums related to cybersecurity and threat detection. Networking with professionals in the field can provide insights into the latest trends and may even lead to referrals.
✨Tip Number 3
Stay updated on the latest cyber threats and vulnerabilities. Being knowledgeable about current events in cybersecurity will demonstrate your passion and commitment to the role during interviews.
✨Tip Number 4
Prepare to discuss your experience with incident management and how you've handled past security incidents. Real-world examples will showcase your problem-solving skills and ability to work under pressure.
We think you need these skills to ace Senior Threat Detection Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Cyber Security and Security Operations. Emphasize your hands-on experience with SIEM and EDR tools, as well as any specific technologies mentioned in the job description.
Craft a Strong Cover Letter: In your cover letter, express your passion for cybersecurity and detail how your previous roles have prepared you for the Senior Threat Detection Analyst position. Mention specific projects or experiences that align with the responsibilities outlined in the job description.
Highlight Key Skills: Clearly list essential skills such as incident management, threat detection, and familiarity with frameworks like MITRE ATT&CK. Use examples from your past work to demonstrate your proficiency in these areas.
Showcase Continuous Learning: Mention any relevant certifications or ongoing education in Cyber Security. This shows your commitment to staying updated with industry standards and practices, which is crucial for this role.
How to prepare for a job interview at Lorien
✨Showcase Your Cyber Security Experience
Be prepared to discuss your previous roles in Cyber Security, especially any experience you have in a Security Operations Centre. Highlight specific incidents you've managed and the tools you've used, such as SIEM and EDR technologies.
✨Demonstrate Analytical Skills
Expect questions that assess your analytical abilities. Prepare examples of how you've identified threats or vulnerabilities in past roles, and be ready to explain your thought process and the outcomes of your actions.
✨Familiarize Yourself with Relevant Tools
Make sure you are well-versed in the tools mentioned in the job description, like Microsoft Sentinel and Defender Suite. Be ready to discuss how you've used these tools in your previous work and any relevant projects you've completed.
✨Understand the Incident Management Lifecycle
Brush up on the incident management lifecycle and be prepared to discuss how you would handle various scenarios. This includes detection, investigation, response, and post-mortem analysis. Show that you can think critically about each stage.