Senior Security Analyst in London

London Full-Time 85000 - 85000 € / year (est.) Home office (partial)
Spencer Rose

At a Glance

  • Tasks: Lead complex security incidents and design robust security solutions across cloud and data environments.
  • Company: Join a global cyber security team backed by strong Private Equity investment.
  • Benefits: Competitive salary, hybrid/remote work options, and opportunities for professional growth.
  • Other info: Collaborative culture with a focus on continuous improvement and innovation.
  • Why this job: Make a real impact in a fast-paced environment while enhancing security measures.
  • Qualifications: Extensive experience in security operations and cloud security expertise required.

The predicted salary is between 85000 - 85000 € per year.

Location: [London / hybrid / remote]

Salary: £85,000

About the Role

We are seeking a highly experienced Level 3 Security Analyst, with a dual remit as a Security Architect, to join a global cyber security function in an organisation that has recently received strong Private Equity investment. This is a senior, hands-on role within a regulated environment where security, data protection, and operational resilience are business critical.

Reporting to the Head of IT Security, you will act as a key technical authority for complex security incidents while shaping and strengthening our long-term security controls across endpoints, cloud platforms, identity, and data. You will work closely with IT, Engineering, and senior stakeholders to design pragmatic, risk-based security solutions that enable the business while meeting regulatory and compliance expectations. This role suits someone who thrives at the intersection of deep technical investigation, architectural decision making, and operational improvement. The ideal applicant will be driven by progress and want to grow in a fast-moving environment.

Key Responsibilities

  • Security Operations & Incident Response
    • Act as the L3 escalation point for security alerts and incidents, leading end-to-end response activities including investigation, containment, eradication, and post-incident reviews.
    • Drive continuous improvement in mean time to detect and respond, ensuring lessons learned are translated into stronger controls and detections.
  • Endpoint, Detection & Response
    • Design, tune, and operationalise Microsoft Defender for Endpoint (EDR/XDR) use cases.
    • Improve alert fidelity, triage workflows, and response playbooks to deliver efficient, repeatable outcomes within a regulated environment.
  • Data Protection & Insider Risk
    • Own and mature Microsoft Purview controls, including Data Loss Prevention (DLP) and Insider Risk Management.
    • Lead policy design, tuning, and investigations to protect sensitive and regulated data throughout its lifecycle.
  • Cloud & Infrastructure Security
    • Provide security leadership across AWS, Azure, and GCP, including logging and visibility, identity and access guardrails, and secure cloud architecture patterns.
    • Conduct security architecture and design reviews for cloud workloads and platform changes.
  • Vulnerability & Risk Management
    • Lead vulnerability management activities (ideally using Qualys, or equivalent tools).
    • Ensure effective scan coverage, risk-based prioritisation, remediation tracking, and clear reporting aligned to regulatory expectations.
  • Security Architecture & Change Enablement
    • Act as a security architect for projects and change initiatives.
    • Perform threat modelling where appropriate and define proportionate, practical controls across endpoints, cloud, identity, and data.
  • Collaboration & Continuous Improvement
    • Partner with IT and Engineering teams to enhance security telemetry, logging standards, and SIEM-driven detections.
    • Contribute to secure by design practices; working knowledge of application security principles (e.g. OWASP Top 10, CI/CD controls) is advantageous.

Skills & Experience

Essential

  • Significant hands-on experience in senior (L3) security operations, including leading complex incident investigations in enterprise or regulated environments.
  • Strong cloud security expertise across AWS, Azure, and/or GCP, including identity, logging, and native security services.
  • Proven experience with EDR/XDR, ideally Microsoft Defender for Endpoint, including deployment, tuning, investigation, and response.
  • Hands-on experience with Microsoft Purview, including DLP and Insider Risk Management policy design and investigations.
  • Solid vulnerability management experience (Qualys preferred) covering prioritisation, remediation coordination, and reporting.
  • Strong understanding of networking and security fundamentals (DNS, VPNs, TLS, segmentation) and modern identity controls (MFA, conditional access).
  • Experience working with SIEM platforms and log-driven investigations; the ability to write or refine detections is highly valued.
  • Ability to produce clear, pragmatic security architecture guidance and influence technical and non-technical stakeholders.

Desirable

  • Scripting or automation experience (e.g. Python, PowerShell, Bash) and/or SOAR exposure.
  • Relevant certifications such as CISSP, CCSP, Security+, or GIAC.
  • Exposure to application security concepts is beneficial but not essential.

Senior Security Analyst in London employer: Spencer Rose

Join a dynamic and forward-thinking organisation that prioritises security and innovation in the heart of London. As a Senior Security Analyst, you will benefit from a collaborative work culture that encourages continuous learning and professional growth, supported by strong private equity investment. With flexible working options and a focus on operational resilience, this role offers a unique opportunity to make a significant impact while advancing your career in a thriving environment.

Spencer Rose

Contact Detail:

Spencer Rose Recruiting Team

StudySmarter Expert Advice

We think this is how you could land Senior Security Analyst in London

✨Tip Number 1

Network, network, network! Get out there and connect with people in the industry. Attend meetups, webinars, or even just grab a coffee with someone who works in security. You never know who might have a lead on your dream job!

✨Tip Number 2

Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to security operations or cloud security. This gives potential employers a tangible look at what you can do.

✨Tip Number 3

Prepare for interviews by brushing up on common security scenarios and incident response strategies. Practice articulating your thought process during complex investigations, as this will demonstrate your expertise and problem-solving skills.

✨Tip Number 4

Don’t forget to apply through our website! We’re always on the lookout for talented individuals like you. Plus, it’s a great way to ensure your application gets the attention it deserves.

We think you need these skills to ace Senior Security Analyst in London

Security Operations
Incident Response
Microsoft Defender for Endpoint
Data Loss Prevention (DLP)
Insider Risk Management
Cloud Security (AWS, Azure, GCP)
Vulnerability Management

Some tips for your application

Tailor Your CV: Make sure your CV is tailored to the Senior Security Analyst role. Highlight your hands-on experience in security operations and any relevant cloud security expertise. We want to see how your skills align with what we're looking for!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your experience makes you the perfect fit for our team. Don't forget to mention specific projects or achievements that showcase your skills.

Showcase Your Technical Skills: In your application, be sure to highlight your technical skills, especially around EDR/XDR tools like Microsoft Defender for Endpoint and cloud security across AWS, Azure, or GCP. We love seeing candidates who can demonstrate their expertise in these areas!

Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you'll be able to keep track of your application status. Plus, we love seeing applications come directly from our site!

How to prepare for a job interview at Spencer Rose

✨Know Your Stuff

Make sure you brush up on your technical knowledge, especially around security operations and cloud security. Be ready to discuss your hands-on experience with tools like Microsoft Defender for Endpoint and Qualys, as well as your approach to incident response and vulnerability management.

✨Showcase Your Problem-Solving Skills

Prepare to share specific examples of complex incidents you've handled. Highlight how you led investigations, implemented improvements, and collaborated with teams to enhance security measures. This will demonstrate your ability to thrive in a fast-paced environment.

✨Understand the Business Context

Familiarise yourself with the company's goals and how security fits into their overall strategy. Be ready to discuss how you can contribute to their long-term security controls and compliance expectations, showing that you understand the balance between security and business needs.

✨Ask Insightful Questions

Prepare thoughtful questions about the company's security architecture, current challenges, and future projects. This not only shows your interest but also gives you a chance to assess if the role aligns with your career aspirations and values.