Security Analyst

We have an exciting opportunity at the RSK Group for a Security Analyst to join our existing Business Systems Team. The team is responsible for the company's enterprise-wide applications and information security, servicing requirements from over 15,000 staff members. This is a full time (40 hours pw) remote position, with occasional office visits required. The role is to support group-level cybersecurity operations across a highly decentralised organisation of 250 independently operated businesses globally. You will work closely with the Group Information Security Manager and serve as a bridge between Group Security, Group IT, external SOC providers, and security contacts across the businesses. This position offers a unique opportunity to have visibility and impact across a broad business landscape while working in a fast-moving, risk-diverse environment.

Key Responsibilities

• Security Incident Management: Triage and investigate escalated incidents from the third-party SOC. Coordinate remediation efforts with business IT teams and/or third-party providers.
• M365 Tenant Risk Monitoring: Monitor Microsoft 365 tenants across the Group. Identify and communicate risks or anomalies to tenant owners or managed service providers.
• Threat Intelligence & Communication: Monitor emerging cyber threats and vulnerabilities relevant to the group. Disseminate actionable threat intelligence and guidance to the relevant businesses.
• Security Metrics & Reporting: Track and report on key operational metrics (e.g., MTTD, MTTR, escalations, resolutions). Use data to identify bottlenecks, trends, and opportunities for improvement.
• Attack Surface Management: Monitor and assess findings from the Group's Attack Surface Management (ASM) tool. Work with IT and business stakeholders to validate and remediate exposure.
• Support RSK Group and its subsidiaries during Audits: Engage in screensharing sessions. Provide redacted evidence where required.
• Cybersecurity Roadmap Execution: Support the Group Information Security Manager in the delivery of the cybersecurity roadmap. Assist with planning and executing initiatives across awareness, tooling, and resilience.

Person Specification

Essential:

• 2-5 years of experience in a Security Operations, Incident Response, or SOC analyst role.
• Strong familiarity with Microsoft 365 security configurations and Microsoft Defender suite, including Sentinel.
• Security tooling such as Netskope, Sentinel, CyberArk.
• Security incident handling and investigation processes.
• Attack surface management or external exposure tools (e.g., ASM, EASM, Shodan, etc.).
• Understanding of security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK).
• Excellent communication skills with the ability to translate technical findings into business actions.
• Strong organisational and coordination skills; comfortable managing multi-threaded work across a large enterprise environment.

Desirable:

• Experience working in a federated or decentralised organisation.
• Exposure to SOC tooling (e.g., SIEM, SOAR platforms) and KQL.
• Familiarity with metrics and reporting in a security context.
• Cybersecurity certifications (e.g., CompTIA Security+, GSEC, SSCP, AZ-500, Microsoft SC-200).

Salary and benefits

£45,000 - £60,000 dependent on experience. Contributory Pension Scheme. Life Assurance. A flexible benefits programme including the option to buy additional. Regular training and career development. Your professional institution fees and training will be covered.

RSK Group is an Equal Opportunities Employer. RSK will not accept unsolicited CVs from agencies other than RSK PSL or Secondary agencies.

Benefits:

• Life Assurance
• Annual Leave
• Purchase Cycle to Work Scheme
• Discounted Gym Membership
• Mental Health Support
• Electric Vehicle Salary Sacrifice Scheme