The Senior Security Analyst is responsible for strengthening Asta’s security posture through hands-on security engineering, continuous monitoring, and effective operational resilience.
The role makes informed, risk based decisions during security incidents, prioritising alerts, coordinating containment actions, and recommending remediation strategies. It delivers infrastructure hardening, threat detection, vulnerability management and supports Microsoft 365 security improvements.
The successful candidate will be part of the wider infrastructure team and work closely with development teams, clients, risk and compliance to drive security automation, threat detection, incident response, and risk reduction across the enterprise platform stack.
Key Responsibilities
Infrastructure Security Engineering, Configuration, Hardening & Automation: Implement and maintain security controls across infrastructure & systems for security compliance. Harden infrastructure by applying best practices for IAM, PIM, PAM & network security. Review, validate and implement recommendations of security tooling, including AD hardening tools like PingCastle and Semperis Lightning as well as vendor solutions & systems. Collaborate on implementing & integrating security controls into pipelines, including security scans, policy enforcement, and dependency checking. Implement, support & maintain zero-trust architectures, including identity, access management, and workload isolation. Tune and optimise security monitoring tools and detection rules in collaboration with SOC providers.
Security Monitoring & Incident Response: Monitor security alerts and events from SIEM, EDR, firewall, IDS/IPS, and other security tools. Triage and prioritise alerts based on severity and impact. Investigate security incidents and suspicious activities using log analysis and forensic techniques. Lead containment, eradication, and recovery efforts during security incidents. Maintain alerting for security events and integrate with SIEM/SOAR platforms.
M365 Security Management: Contribute to review and remediate Microsoft 365 security recommendations including threat analytics, active incidents, risky users, identity protection alerts, and compliance issues. Monitor and respond to security alerts from Microsoft Defender for Office 365 and Azure AD Identity Protection. Assist with maintenance of security policies and conditional access controls. Track and manage security posture improvements across the Microsoft 365 environment.
Threat Intelligence & Detection: Stay current with emerging threats, vulnerabilities, attack techniques, and security trends. Apply threat intelligence to improve detection capabilities and identify indicators of compromise. Contribute to threat hunting activities and proactive security monitoring. Collaborate on development & tuning of detection rules & security playbooks with SIEM/SOC providers.
Vulnerability Management: Conduct vulnerability scanning and assessment activities using tools such as Tenable, Pentera, Microsoft Secure Score and other security assessment platforms. In collaboration with the SOC, monitor for exploitation attempts against known vulnerabilities as part of the SIEM process. Coordinate with IT teams on vulnerability remediation priorities and track remediation progress. Work with Varonis & the SOC on data security and access governance.
Collaboration & Enablement: Work closely with IT teams to integrate security considerations into operations & projects. Assist clients with their security posture by identifying risks, conducting security design reviews/peer reviews and providing security threat intelligence. Collaborate with IT operations, infrastructure, and development teams on security matters. Communicate security findings and recommendations to technical and non-technical stakeholders. Act as a security advocate and enabler across the organisation.
Compliance & Documentation: Support compliance and audits for ISO 27001, NIST, SOC2, Lloyd's Principle 12, and other standards. Prepare incident reports, timelines, reviews, and maintain event logs. Contribute to security documentation, runbooks, and standards. Produce metrics and quarterly reports on security posture and incidents for senior management. Coordinate Cyber Essentials certification and audits. Handle security requests and data sharing from third parties.
Operational Resilience: Support operational resilience and business continuity planning activities including scenario testing and disaster recovery exercises. Participate in post-incident reviews and implement lessons learned.
Phishing Campaign Management: Assist in the design and management of simulated phishing campaigns to test and improve staff awareness of social engineering threats. Analyse campaign results and identify training needs. Track metrics on phishing resilience and user security awareness. Provide targeted coaching and remediation training for users who fall victim to simulated attacks.
Skills, Knowledge & Expertise
- 4+ years of hands-on experience in infrastructure cybersecurity, combining security tooling engineering and managing SOC operations or incident response, with experience in a regulated industry.
- Strong understanding of cybersecurity principles, attack vectors, defence strategies and the MITRE ATT&CK framework.
- Experience with cloud security (preferably Azure), IAM, secrets management, encryption & certificate management.
- Experience with the Microsoft 365 security suite, including Microsoft Defender, Azure AD Identity Protection, threat analytics, and security compliance tools.
- Hands-on experience with SIEM platforms (Splunk, CrowdStrike Falcon, LogRhythm, Sentinel, or Microsoft Defender).
- Familiarity with EDR/XDR tools (CrowdStrike, SentinelOne, or Microsoft Defender) and endpoint security and configuration.
- Experience of working with tools such as Varonis, Tenable, Pentera, and with external and internal SOC processes.
- Knowledge of operating systems (Windows, Linux) and security hardening techniques, with strong scripting & automation skills (Python, Bash, PowerShell).
- Excellent written and verbal communication skills, with the ability to translate technical concepts for non-technical audiences, deliver training, and produce executive-level reports.
- Proactive, self-motivated team player with strong analytical & problem-solving skills, hands-on technical credibility and meticulous attention to detail. Ability to work under pressure and manage multiple priorities during security incidents.
- Desirable: Security certifications (CISSP, CISM, OSCP, CCSP, Security+, CySA+, GCIH, GCIA, CompTIA Security+), experience with regulatory compliance frameworks (GDPR, ISO 27001, SOC2, PCI-DSS, Cyber Essentials), digital forensics knowledge, threat intelligence platform experience, AWS & GCP, and experience developing and maintaining infrastructure-as-code for security configurations (Terraform, Ansible).
Job Benefits
At Asta, you’ll enjoy a market-leading benefits package that puts your wellbeing, career development and financial future first. We combine flexible working, strong family-friendly policies and exceptional rewards to create a supportive, inclusive and high-performing workplace.
Our benefits include:
Work-life balance you can rely on
- 35-hour working week with hybrid and flexible working
- Generous holiday allowance that increases with service
Your health & wellbeing covered
- Private medical insurance with virtual GP access
- Annual health screening, dental cover and eye care
- Subsidised gym or sports club membership
Support for you and your family
- Enhanced maternity, paternity, adoption and shared parental pay
Rewarding your contribution
- Highly competitive pension with up to 13% employer contribution
- Life assurance and income protection
- Discretionary annual bonus scheme
- Interest-free season ticket loan and salary sacrifice schemes