Senior CSIRT Analyst

We tackle the most complex problems in quantitative finance by bringing scientific clarity to financial complexity.From our London HQ we unite world-class researchers and engineers in an environment that values deep exploration and methodical execution - because the best ideas take time to evolve. Together were building a world-class platform to amplify our teams most powerful ideas.Every breakthrough is built on strong our cyber security team youll work across disciplines to drive the strategy culture and structure that enable our success.Take the next step in your career.The roleThe Senior CSIRT Analyst will play a key role in G-Researchs Cyber Security Incident Response Team (CSIRT) specialising in cloud detection and response across AWS and hybrid environments.Youll investigate respond to and proactively hunt for threats across a diverse technology landscape including high-performance compute clusters Kubernetes and containerised infrastructures and corporate Windows environments.Youll leverage your expertise in cloud-native security tooling and multi-SIEM operations such as Elastic Azure and AWS to strengthen our detection and response capabilities.As a senior member of the team youll participate in purple and red team exercises continuously validating and improving the teams effectiveness against advanced adversaries. Mentoring junior analysts contributing to automation initiatives and supporting the on-call escalation rota for out-of-hours response will also be a key part of the role.Key responsibilities for this role include:Investigating triaging and responding to complex security incidents across cloud (AWS Azure) hybrid and on-premises environmentsProactively hunting for threats and developing detection logic to improve coverage across Elastic Azure Sentinel and AWS Security HubParticipating in red and purple team exercises to test validate and enhance detection and response capabilitiesDeveloping and maintaining automation and orchestration workflows in Tines and Python to streamline investigation and responseCollaborating with engineering teams to improve log ingestion detection rules and platform reliabilityProviding mentorship and technical guidance to junior CSIRT analystsSupporting and participating in the on-call escalation rota for out-of-hours incidentsContributing to continuous improvement of CSIRT processes playbooks and threat models.Who are we looking forThe ideal candidate will ahve the following skills and experience:Significant experience in cyber incident response detection engineering and/or SOC/CSIRT operationsStrong expertise in cloud security within AWS and Azure with hands-on experience investigating incidents in cloud environmentsProficiency with SIEM platforms such as Elastic Security Azure Sentinel AWS Security Hub or GuardDuty and log analysis.Experience working with red and purple team exercises and adversary simulationKnowledge of containerised environments including Kubernetes and Docker and cloud-native infrastructure securityProgramming and scripting experience preferably in Python and exposure to automation platforms such as Tines and SOARStrong understanding of modern attack techniques threat actors and the MITRE ATT&CK frameworkPrior mentoring coaching or senior technical leadership experience within a security operations contextBehavioural Competencies:Analytical Thinking: The ability to investigate complex threats synthesise data from multiple sources and identify root causes.Resilience: Comfortable operating in high-pressure environments and responding to incidents in real timeCollaboration: The ability to work closely with engineering operations and leadership teams to improve overall security postureInnovation: Enthusiastic about automating workflows and experimenting with new detection and response approachesLeadership: The ability to guide junior analysts foster team growth and promote a culture of continuous improvementWho should you applyHighly competitive compensation plus annual discretionary bonusLunch provided (via Just Eat for Business) and dedicated barista bar30 days annual leave9% company pension contributionsInformal dress code and excellent work/life balanceComprehensive healthcare and life assuranceCycle-to-work schemeMonthly company eventsG-Research is committed to cultivating and preserving an inclusive work environment. We are an ideas-driven business and we place great value on diversity of experience and opinions. We want to ensure that applicants receive a recruitment experience that enables them to perform at their best. If you have a disability or special need that requires accommodation please let us know in the relevant sectionRequired Experience:Senior IC Key Skills Splunk,IDS,Microsoft Access,SQL,Cybersecurity,Intelligence Experience,Malware Analysis,Tableau,Analysis Skills,SAS,Data Analysis Skills,Analytics Employment Type : Full Time Experience: years Vacancy: 1