Cyber Security Incidence Response

Cyber Security Analyst - Incident ResponseLondon - Hybrid | Up to £65,000 + benefitsA global specialist insurer is building out its internal cyber defence capability and is seeking an experienced analyst to strengthen its Security Operations Centre.You'll join a collaborative team focused on both proactive threat hunting and live incident response, protecting a complex international estate. This position suits someone who has started their career in a SOC environment and now works primarily in incident and threat response. The roleLead investigations into live security incidents including malware, phishing, and endpoint compromisePerform root cause analysis, containment, and recovery actionsTune detection rules and develop new use cases to improve response timesUtilise Microsoft Defender, Sentinel, and Azure Security tools to detect and respond to threatsConduct post-incident reviews and recommend long-term prevention strategiesCollaborate with infrastructure and security teams to harden systems and processes Experience requiredMinimum 2 years in a SOC environment followed by recent hands-on incident response experienceStrong working knowledge of SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.)Solid understanding of Windows, Linux, and network security principlesExperience with forensic or threat analysis techniquesFamiliarity with MITRE ATT&CK, NIST, or similar frameworks DesirableExposure to automation or SOAR toolingPowerShell or Python scripting skillsGIAC or Microsoft security certifications This is an opportunity to join a highly respected security function within the London Market, working closely with senior engineers and threat specialists in an environment that prioritises both learning and impact. We are looking to schedule interviews immediately so contact Brushoth: brushoth@pioneer-search.com or apply following the linkDesired Skills and ExperienceCyber Security Analyst - Incident ResponseLondon - Hybrid | Up to £65,000 + benefitsA global specialist insurer is building out its internal cyber defence capability and is seeking an experienced analyst to strengthen its Security Operations Centre.You'll join a collaborative team focused on both proactive threat hunting and live incident response, protecting a complex international estate. This position suits someone who has started their career in a SOC environment and now works primarily in incident and threat response.The role* Lead investigations into live security incidents including malware, phishing, and endpoint compromise* Perform root cause analysis, containment, and recovery actions* Tune detection rules and develop new use cases to improve response times* Utilise Microsoft Defender, Sentinel, and Azure Security tools to detect and respond to threats* Conduct post-incident reviews and recommend long-term prevention strategies* Collaborate with infrastructure and security teams to harden systems and processesExperience required* Minimum 2 years in a SOC environment followed by recent hands-on incident response experience* Strong working knowledge of SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.)* Solid understanding of Windows, Linux, and network security principles* Experience with forensic or threat analysis techniques* Familiarity with MITRE ATT&CK, NIST, or similar frameworksDesirable* Exposure to automation or SOAR tooling* PowerShell or Python scripting skills* GIAC or Microsoft security certificationsThis is an opportunity to join a highly respected security function within the London Market, working closely with senior engineers and threat specialists in an environment that prioritises both learning and impact.We are looking to schedule interviews immediately so contact Brushoth: brushoth@pioneer-search.com or apply following the link