Senior Security Operations Analyst

United States, New York (Great Neck)
Permanent
Job ID: 2530

Job Description

[Up to c. $160k Base Salary + Discretionary Bonus | Hybrid Working - 4 Days in Office]

Role Overview

We’re representing a specialist trading technology firm building mission-critical platforms for global financial markets. The business is expanding its Security Operations function and is hiring an additional senior analyst in New York to strengthen regional coverage across a global follow-the-sun model. This is a hands-on senior SOC role for someone who can own investigations independently, respond to meaningful incidents, and drive vulnerability remediation across Windows, endpoint, SIEM and cloud/SaaS environments...


Key Responsibilities

  • Triage, investigate and respond to security alerts across SIEM, EDR, endpoint, network, cloud and SaaS telemetry
  • Lead incident response activity from initial assessment through containment, recovery, root cause analysis and post-incident reporting
  • Use tools such as CrowdStrike, Sumo Logic and Tenable to investigate endpoint activity, correlate events and assess risk
  • Analyse vulnerability findings, identify affected assets, prioritise remediation and track progress with IT and engineering teams
  • Build, maintain and improve playbooks, runbooks, escalation paths and operational documentation
  • Tune alerts, improve detection quality and reduce false positives across security monitoring platforms
  • Support threat hunting, purple team follow-up and MITRE ATT&CK-aligned detection improvement where relevant
  • Produce clear technical and non-technical reporting for incidents, vulnerability trends, remediation status and control gaps
  • Mentor less experienced analysts through investigation guidance, tool usage and operational best practice
  • Support high-severity incident response outside normal working hours when required


What You'll Bring…

  • 4+ years of hands-on experience in SOC, security operations, incident response or threat detection
  • Strong practical experience investigating alerts and incidents across SIEM and EDR platforms
  • Hands-on experience with CrowdStrike, Microsoft Defender or similar endpoint detection tooling
  • Strong vulnerability management experience, ideally including Tenable, Nessus, Qualys or Rapid7
  • Exposure to SOAR platforms, security automation or detection engineering workflows
  • Ability to assess vulnerability impact across affected assets and drive remediation with technical teams
  • Scripting capability in Python, PowerShell or Bash for investigation, automation or repeatable analysis tasks
  • Working knowledge of Windows environments, identity controls, endpoint telemetry and enterprise logging
  • Strong understanding of TCP/IP, DNS, HTTP/S, firewalls, proxies and common attack paths
  • Experience analysing logs across endpoints, networks, cloud platforms and SaaS applications
  • Clear written and verbal communication skills, with the ability to explain technical findings to varied audiences
  • CISSP, GCIH, CySA+, Security+, CEH or equivalent security certification
  • (Preferred) Experience with Sumo Logic, Splunk, Microsoft Sentinel or another enterprise SIEM
  • (Preferred) Experience with threat hunting, purple teaming, red team collaboration or adversary emulation
  • (Preferred) Cloud security telemetry experience across AWS, Azure or GCP


...

