Cyber Security Analyst - CSOC Analysis (Contract)
Bloomberg
About the Role
We are hiring a Cyber Security Analyst – Analysis to support a global, 24x7 Cyber Security Operations Center (CSOC). This role focuses on front‑line security event analysis and decision‑making, acting as the initial responder to alerts while independently resolving security events using established playbooks and sound professional judgment.
This position is well‑suited for analysts who enjoy hands‑on investigation, can confidently move beyond basic alert review, and know when and how to escalate issues with clear context. The role does not require full incident response ownership but plays a critical role in determining what requires deeper investigation and escalation.
What You Will Do
- Act as the initial responder to security alerts and events across enterprise systems, endpoints, networks, and cloud environments
- Perform event analysis using documented playbooks, runbooks, and standard operating procedures
- Apply experience‑based judgment when alerts are unclear, incomplete, or fall outside existing procedures
- Validate alerts, identify false positives, and assess severity, scope, and potential business impact
- Conduct initial investigation and contextual analysis to support accurate decision‑making
- Independently resolve and close security events, requesting assistance as needed
- Escalate confirmed or high‑risk incidents with clear, detailed, and actionable case notes
- Analyze logs and telemetry from multiple sources, including SIEM, endpoint, network, identity, and cloud platforms
- Collaborate with internal technical and business teams to support remediation and resolution
- Maintain high‑quality documentation, including investigation notes and shift handovers
- Contribute feedback to improve detection logic, playbooks, and analysis workflows
- Stay current on emerging cyber threats, attacker techniques, and defensive best practices
Required Experience & Skills
- Experience in a Security Operations, SOC, CSOC, or security analysis role
- Minimum 1 year of experience
- Strong proficiency in log analysis across multiple data sources (SIEM experience required; Splunk preferred)
- Solid understanding of:
  - Enterprise networking concepts and the TCP/IP stack
  - Endpoint and network security controls
  - Windows, Linux, and macOS operating systems
- Familiarity with security technologies such as EDR, antivirus, firewalls, VPNs, and identity systems
- Ability to follow playbooks while adapting confidently when procedures are incomplete or unavailable
- Comfortable working independently, prioritizing alerts, and making escalation decisions
- Clear written and verbal communication skills, particularly for investigation documentation
- A professional, customer‑focused approach when working with internal stakeholders
Preferred Qualifications
- Experience working in a 24x7 SOC or CSOC environment
- Exposure to cloud platforms such as AWS, Azure, or GCP
- Experience with event correlation, enrichment, or alert tuning
- Familiarity with scripting or automation (e.g., Python, PowerShell, Bash)
- Relevant security certifications (e.g., Security+, GCIH, GCED, or similar)
- Degree or formal training in information security, computer science, or a related field
Does this sound like you?
Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free to have a look at: https://www.bloomberg.com/company/what-we-do/