Cyber Security Operations Specialist

  • Sivara GmbH
  • 21/06/2026
Full time Information Technology Telecommunications

Job Description

Salary: £75,000 - 75,000 per year

Requirements
  • We require at least 2 years of experience as a Cyber Security Operations Analyst.
  • We require experience working with Splunk and SIEM operations.
  • We require proven experience across the end-to-end incident response lifecycle.
  • We require experience in detection engineering and alert development.
  • We require strong scripting or programming skills, ideally in Python and Bash; experience with C/C++ or Java is also valuable.
  • We require solid cybersecurity fundamentals, including network security, cloud security, cryptography, and forensics.
  • We require understanding of common network protocols and attacker abuse patterns.
  • We require awareness of current APT groups and their tactics, techniques, and procedures.
  • We require knowledge of analysis techniques for Windows and/or Linux environments.
  • We require familiarity with threat intelligence frameworks and methodologies.
  • We require candidates to be eligible for un-caveated UK SC Clearance.
  • We require the ability to work in Glasgow on a hybrid basis and participate in on-call availability approximately one week per month.
Responsibilities
  • We develop, maintain, and optimise detection content, primarily within Splunk SIEM, to identify threats across cloud, endpoint, and network environments.
  • We collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk.
  • We improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation.
  • We conduct security monitoring, alert triage, and continuous improvement of detection rules on a rotating schedule.
  • We lead and support incident response investigations, ensuring high-quality documentation and escalation.
  • We mentor and support junior analysts through guidance, coaching, and technical oversight.
  • We serve as a technical subject matter expert on client engagements and present findings and recommendations to senior stakeholders.
  • We participate in alert testing, readiness exercises, and incident response tabletop sessions.
  • We stay current on emerging threat intelligence, attacker techniques, and relevant research.
  • We provide on-call support for high-priority incident response when required.
Technologies
  • Bash
  • Cloud
  • Cryptography
  • Support
  • Java
  • Linux
  • Network
  • Python
  • Security
  • Splunk
  • Windows

We are a high-performing Blue Team operating at the forefront of modern security operations, and we are seeking an accomplished Senior Cyber Operations Analyst to join us in Glasgow on a hybrid basis. This is a technical, hands-on role for a senior analyst with strong engineering instincts, coding capability, and deep experience in incident response and detection engineering. We offer a salary of up to £75,000 plus on-call compensation, and the role includes approximately one week per month of on-call availability, with frequency varying by client. We are looking for a curious, proactive professional who is ready to advance their career and make a strong impact within a technically driven security team.