Security Analyst/Engineer

 Position Overview 

We are seeking a dedicated Security Operations Analyst to join our team and serve as a critical component of our cybersecurity defence strategy. This role combines hands-on security operations with system administration responsibilities, requiring 24/7 on-call availability to protect both our internal infrastructure and customer environments. 

Key Responsibilities 

Security Operations & Incident Response 

● Provide 24/7 security incident response support through on-call rotation ● Monitor, analyse, and respond to security alerts and incidents for both internal systems and customer environments 

● Lead incident response efforts, including containment, eradication, recovery, and post-incident analysis 

● Conduct threat hunting activities to identify potential security risks proactively ● Document and escalate security incidents following established procedures ● Coordinate with internal teams and external stakeholders during security events 

Security Infrastructure Management 

● Maintain and optimise Microsoft Sentinel SIEM platform 

● Manage Checkpoint EDR solutions across enterprise environments ● Oversee Security Operations Centre (SOC) tools and processes 

● Administer Wiz CSPM solutions for comprehensive cloud security posture management, attack path analysis, and multi-cloud compliance monitoring ● Manage Aikido Security platform for application security testing (SAST, DAST), software composition analysis (SCA), container scanning, secrets detection, and vulnerability management with AI-powered auto-remediation 

● Utilise Perimeter 81 security solutions for secure access and network protection ● Manage the Checkpoint email security platform and investigate email-based threats 

● Configure and maintain Unifi firewall infrastructure and network security policies 

● Configure and tune security monitoring rules and detection logic ● Perform regular system updates, patches, and maintenance activities

Compliance Support & Technical Controls 

● Support compliance initiatives for ISO 27001 and PCI DSS requirements through technical implementation 

● Maintain technical security controls and configurations to meet compliance standards 

● Generate automated compliance reports and evidence from security tools (Wiz, Aikido, Sentinel) 

● Support internal and external audit activities by providing technical documentation and system evidence 

● Collaborate with future GRC specialist to implement and validate security control effectiveness 

● Track and report on security metrics, incidents, and technical control performance 

Required Qualifications 

Technical Skills 

● 3+ years of experience in cybersecurity or IT operations 

● Hands-on experience with Microsoft Sentinel SIEM platform for security monitoring and incident response 

● Proficiency with Checkpoint EDR and email security solutions 

● Experience with Unifi firewall management, configuration, and network security ● Knowledge of Wiz CSPM for cloud security posture management, vulnerability assessment, and compliance monitoring across AWS, Azure, and GCP ● Experience with Aikido Security platform for application security, SAST, SCA, secrets detection, container scanning, and vulnerability management ● Familiarity with Perimeter 81 secure access solutions and network security ● Experience with JumpCloud identity and access management platform ● System administration experience with macOS, Windows, and Linux environments 

● Experience with multi-cloud platforms (Google Cloud Platform, Microsoft Azure, AWS) 

● Proficiency with scripting languages (PowerShell, Python, Bash, shell scripting) ● Understanding of network protocols, firewalls, and intrusion detection systems

Security Knowledge 

● Understanding of cyber threats, attack vectors, and threat intelligence ● Knowledge of incident response methodologies and frameworks ● Experience with vulnerability management and penetration testing concepts ● Understanding of ISO 27001 and PCI DSS technical control requirements ● Experience generating compliance reports from security tools and platforms ● Knowledge of security frameworks (NIST, MITRE ATT&CK) 

Soft Skills 

● Strong analytical and problem-solving abilities 

● Excellent written and verbal communication skills 

● Ability to work effectively under pressure during security incidents ● Detail-oriented with strong documentation skills 

● Collaborative mindset and ability to work with cross-functional teams ● Self-motivated and able to work independently 

Preferred Qualifications 

● Bachelor's degree in Cybersecurity, Information Technology, or related field ● Relevant certifications such as Security+, GCIH, GCFA, CISSP, or CISM ● Experience in a managed security services provider (MSSP) environment ● Experience working collaboratively with compliance and risk management teams ● Understanding of the distinction between technical security controls and compliance governance 

● Knowledge of DevSecOps practices and CI/CD pipeline security ● Previous experience in a 24/7 operations centre environment 

● Hands-on experience with Wiz's Security Graph and attack path analysis features ● Familiarity with Aikido's vulnerability scanning, or other code scanning tools ● Experience with Infrastructure as Code (IaC) security scanning and container security 

Work Environment & Conditions 

● On-Call Requirement: Mandatory participation in 24/7 on-call rotation. ● Hybrid work environment with flexibility for remote work. 

● Occasional evening and weekend work during incidents or maintenance windows. 

● Fast-paced environment requiring the ability to prioritise multiple tasks. ● May require occasional travel for training or office hours. 

What We Offer 

● Competitive salary commensurate with experience 

● Comprehensive benefits package including health and well-being ● Professional development opportunities and certification support ● Flexible work arrangements

● On-call compensation and time-off policies 

● Access to cutting-edge security technologies and training