At a Glance
- Tasks: Lead investigations into security incidents and manage vulnerabilities across diverse platforms.
- Company: Join a dynamic security team in a hybrid work environment based in Cardiff.
- Benefits: Enjoy competitive pay, flexible working, and opportunities for professional growth.
- Other info: Collaborate with experts and tackle complex security challenges every day.
- Why this job: Make a real difference in cybersecurity while developing your skills in a supportive team.
- Qualifications: Experience in security analysis and incident response is essential.
The predicted salary is between £45,000 and £55,000 per year.
The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate supported by the MSP. The role acts as a senior technical authority for security incidents, working alongside Incident Management, Infrastructure, Network, and Application teams to ensure security issues are resolved end-to-end, correctly documented, and do not reoccur.
Key Accountabilities
- Security Incident Investigation & Response
  - Act as the technical lead for the investigation of security incidents across supported platforms.
  - Investigate malware, ransomware, account compromise, unauthorised access, suspicious activity, and security misconfiguration.
  - Perform detailed root cause analysis across endpoint, identity, network, and application layers.
  - Advise the Incident Manager on incident scope, impact, containment, eradication strategy, and recovery validation.
  - Drive incidents through to full technical resolution, not temporary mitigation.
- Vulnerability Management
  - Investigate vulnerabilities identified via scanning platforms, endpoint and cloud tooling, supplier disclosures, and audit activity.
  - Assess risk based on exploitability, exposure, and operational impact.
  - Own remediation actions end-to-end, coordinating with Infrastructure, Network, and third-party suppliers.
  - Validate remediation and ensure appropriate evidence is captured for assurance and audit.
- Platforms & Technology Scope
  - End-user devices including Windows, macOS, tablets, and peripherals.
  - Microsoft 365 including Entra ID, Exchange, SharePoint, Defender, and endpoint protection.
  - Identity and Access Management including privileged and service accounts.
  - On-premises and cloud-hosted servers.
  - Network infrastructure including firewalls, switches, wireless, and WAN connectivity.
  - Cloud-hosted and supplier-managed applications.
- Documentation, Audit & Continuous Improvement
  - Produce clear, technically accurate documentation covering incidents, root cause analysis, and corrective actions.
  - Support governance, customer assurance, and audit requirements.
  - Contribute to post-incident reviews and lessons learned.
  - Identify recurring issues and recommend long-term improvements.
  - Ensure incidents and vulnerabilities are correctly logged and tracked within ITSM systems.
- Collaboration & Escalation
  - Work closely with Incident Managers, Security specialists, and Level 3 Infrastructure and Network teams.
  - Act as a senior escalation point for Level 1 and Level 2 teams.
  - Engage third-party suppliers to progress investigation and remediation.
  - Participate in out-of-hours response as required.
Knowledge, Skills & Experience
- Essential
  - Proven experience in a Level 3 or Senior Security Analyst or Incident Response role.
  - Hands-on experience investigating and resolving incidents across endpoints, identity platforms, networks, and cloud services.
  - Strong understanding of malware and ransomware response, identity compromise, and vulnerability remediation.
  - Experience working with informal Security Incident and Major Incident processes.
  - Strong written documentation and stakeholder communication skills.
- Desirable
  - Experience supporting multi-site or operationally sensitive environments.
  - Familiarity with Defender, SIEM, EDR, and vulnerability management tools.
  - Understanding of regulated or PCI-adjacent environments.
  - Relevant security certifications or equivalent experience.
Behavioural Competencies
- Takes ownership from detection through to resolution.
- Investigates thoroughly and challenges incomplete fixes.
- Calm, methodical, and decisive during live incidents.
- Understands operational and business impact.
- Professional and confident when engaging customers and suppliers.
Decision Making & Authority
- Makes technical decisions relating to investigation, containment, and remediation of security incidents.
- Escalates risk and decision points appropriately to Incident Management and Service Delivery leadership.
Key Interfaces
- Incident Management
- Security Operations
- Infrastructure and Network Services
- Third-party suppliers
- Customer stakeholders via structured incident communications
3rd Line Security Analyst in Newport employer: Operations Resources Limited
Contact Detail:
Operations Resources Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land 3rd Line Security Analyst in Newport
✨Tip Number 1
Network, network, network! Get out there and connect with people in the industry. Attend security meetups, webinars, or even local tech events. You never know who might have a lead on that perfect Level 3 Security Analyst role!
✨Tip Number 2
Show off your skills! Create a portfolio or a personal blog where you can share your insights on incident response and vulnerability management. This not only showcases your expertise but also makes you stand out to potential employers.
✨Tip Number 3
Don’t just apply blindly! Tailor your approach for each application. Research the company, understand their security challenges, and mention how your experience aligns with their needs when you reach out. It shows you’re genuinely interested.
✨Tip Number 4
Finally, don’t forget to apply through our website! We’ve got loads of opportunities waiting for you, and applying directly can sometimes give you an edge. Plus, it’s super easy to keep track of your applications!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the 3rd Line Security Analyst role. Highlight your experience with incident response and vulnerability management, and don’t forget to mention any relevant certifications or tools you’ve worked with.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention specific experiences that relate to the job description and show us your passion for security.
Show Off Your Documentation Skills: Since strong written documentation is key for this role, make sure to showcase your ability to produce clear and accurate reports. Include examples of how you've documented incidents or remediation actions in the past.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It’s the best way for us to receive your application and get you on our radar!
How to prepare for a job interview at Operations Resources Limited
✨Know Your Stuff
Make sure you brush up on your technical knowledge related to security incidents and vulnerabilities. Be prepared to discuss your hands-on experience with malware, ransomware, and incident response. They’ll want to hear about specific situations where you’ve taken ownership of an incident from detection to resolution.
✨Showcase Your Documentation Skills
Since clear documentation is key in this role, be ready to talk about how you’ve produced accurate reports in the past. Bring examples of your documentation work if possible, and explain how it supported governance and audit requirements. This will demonstrate your attention to detail and commitment to continuous improvement.
✨Collaboration is Key
This role involves working closely with various teams, so highlight your experience in collaboration. Share examples of how you’ve engaged with Incident Managers, Infrastructure teams, or third-party suppliers during incidents. Emphasise your ability to communicate effectively and escalate issues when necessary.
✨Stay Calm Under Pressure
They’ll be looking for someone who can remain calm and methodical during live incidents. Prepare to discuss a time when you faced a high-pressure situation and how you handled it. Show them that you can act decisively while understanding the operational and business impact of security incidents.