Application Analyst, Data
PLOS
Cyber SecuritySQLTableau
Job Level
Senior
Tech Stack
CloudCyber SecuritySplunkSQL
About the role
- Operate and deliver a managed detection and response (MDR) service for a global customer base
- Triage alerts from security tools, distinguish false positives from genuine threats, and execute remediation
- Handle customer queries via the MDR mailbox, assist with user management and investigations
- Monitor detection trends and optimise allow/block listing
- Support onboarding of new customers by guiding tool deployment and contributing to account management
- Actively contribute feedback to improve operational processes and assess new tools
- Create technical resources such as PowerShell scripts to automate threat identification and remediation
- Mentor team members and share expertise in detection analysis, customer support, and proactive threat hunting
Requirements
- Solid experience in Security Operations (SecOps), particularly in detection and response
- Proven ability to investigate and remediate incidents using EDR/XDR tools
- Established investigation and log analysis skills
- A working knowledge of log query languages such as SQL, Splunk, or KQL is essential
- Strong grasp of endpoint security, networking protocols, and cloud technologies
- Scripting or programming experience for security tooling and SOAR platforms
- Familiarity with the Mitre ATT&CK framework
- Understanding of Microsoft Windows Active Directory environments
- Ability to execute remediation using built-in capabilities and remote PowerShell commands
- Experience supporting customers with queries, user management, and onboarding
