Tech Stack
Cloud, Cyber Security, Splunk, SQL
About the role
- Triage alerts from security tools, distinguish false positives from genuine threats, and execute remediation using built-in capabilities and remote PowerShell commands
- Handle customer queries via the MDR mailbox, assist with user management and investigations, and monitor detection trends to optimise allow/block listing
- Support onboarding of new customers by guiding tool deployment and contributing to ongoing account management
- Actively contribute to improving operational processes and technologies by offering feedback and helping assess new tools
- Create technical resources—such as PowerShell scripts—to automate threat identification and remediation, enhancing service efficiency
- Perform proactive threat hunting based on threat intelligence data
- Mentor team members, sharing expertise in detection analysis, customer support, and proactive threat hunting to foster skill development
Requirements
- Solid experience in Security Operations (SecOps), particularly in detection and response
- Proven ability to investigate and remediate incidents using EDR/XDR tools
- Established investigation and log analysis skills
- Working knowledge of log query languages such as SQL, Splunk, or KQL
- Strong grasp of endpoint security, networking protocols, and cloud technologies
- Scripting or programming experience for security tooling and SOAR platforms
- Familiarity with the MITRE ATT&CK framework
- Understanding of Microsoft Windows Active Directory environments
- Experience creating PowerShell scripts and using remote PowerShell commands
- Experience supporting customer onboarding and handling customer security queries