Application Analyst, Data
PLOS
Cyber SecuritySQLTableau
Job Level
Senior
Tech Stack
CloudCyber SecuritySplunkSQL
About the role
- Investigate and remediate detections from security tooling across a global customer base
- Triage alerts, distinguish false positives from genuine threats, and execute remediation using built-in capabilities and remote PowerShell commands
- Handle customer queries via the MDR mailbox, assist with user management and investigations, and monitor detection trends to optimise allow/block listing
- Support onboarding of new customers by guiding tool deployment and contributing to ongoing account management
- Create technical resources such as PowerShell scripts to automate threat identification and remediation
- Actively contribute to improving operational processes and technologies and help assess new tools
- Mentor team members, sharing expertise in detection analysis, customer support, and proactive threat hunting
Requirements
- Solid experience in Security Operations (SecOps), particularly detection and response
- Proven ability to investigate and remediate incidents using EDR/XDR tools
- Working knowledge of log query languages such as SQL, Splunk, or KQL
- Strong grasp of endpoint security, networking protocols, and cloud technologies
- Scripting or programming experience for security tooling and SOAR platforms
- Familiarity with the Mitre ATT&CK framework
- Understanding of Microsoft Windows Active Directory environments
- Experience using PowerShell for remote remediation and automation
- Experience with customer support, onboarding and account management
