Senior Security Analyst

Made Tech


Job Location:

London - UK

Yearly Salary: £ 50000 - 60000
Posted on: 7 hours ago
Vacancies: 1 Vacancy

Job Summary

Made Tech helps UK public sector organisations build and run secure user-centred digital services. Our Cyber practice works directly with government departments agencies and other public bodies embedding alongside client teams to raise their security capability not just deliver a report and leave. As a Senior Security Analyst youll be a core part of that practice operating in a security operations context where the stakes are real: the systems we protect carry sensitive public data and underpin services that people depend on.

This is a hands-on technical role with genuine scope and influence. Youll lead threat hunts and intrusion investigations author and tune detection content and help your team respond to incidents in a way that leaves things better than you found them. Youll translate threat intelligence into actionable detections align your work to frameworks like the NCSC Cyber Assessment Framework and GovAssure and communicate clearly with client security stakeholders who need to understand whats happening and why it matters. Youll own significant pieces of the SOCs work end-to-end - not just executing tasks but making considered decisions and being clear about the trade-offs.

At Senior level though the role is about more than your own output. Youll help junior analysts develop their triage tradecraft normalise pairing on incident response contribute to shared detection standards across the practice and model the kind of blameless collaborative culture that makes a security team genuinely effective. If youre looking for a role where you can grow technically build real influence within a team and do meaningful work for the public sector this is it.

Key Responsibilities


  • Lead threat hunts and intrusion investigations form and test hypotheses map adversary activity against MITRE ATT&CK perform forensic artefact analysis and establish scope and root cause clearly enough that the team and client can act on your findings.

  • Author tune and peer-review detection content - treat detections as code (version-controlled reviewed) translate threat intelligence into new rules and contribute to iterative improvement of the SIEM ruleset; onboard new log sources including cloud and application feeds to close coverage gaps.

  • Own sub-cycles of the intelligence lifecycle - run structured collection against defined requirements track actor TTPs manage indicator lifecycles and produce situational-awareness products that inform both detection priorities and client risk decisions.

  • Lead incident response and drive improvement - co-ordinate containment across engineering and analyst teams communicate incident detail clearly to client stakeholders and turn every incident into improved detection content hardening or runbook coverage; design for resilience by anticipating failure modes and ensuring systems degrade gracefully.

  • Build SOAR playbooks and auto-triage - identify toil and repetition in analyst workflows and build automation that saves the team time and improves consistency without removing human judgement where it matters.

  • Align security operations to UK public sector standards - ensure investigations evidence handling and detection coverage reflect NCSC CAF Objective C GovAssure requirements and lawful-monitoring obligations; feed gaps back into risk governance.

  • Mentor junior analysts and raise team standards - pair deliberately on complex investigations review triage work share adversary tradecraft with the team and help create an environment where people feel safe raising concerns and learning from mistakes.

  • Contribute to the practice beyond your immediate engagement - improve shared SOC standards and onboarding documentation turn good solutions into reusable playbooks and accelerators the next team can pick up contribute detection content to practice-level repositories and engage with cross-government security communities such as NCSC CISP and relevant ISACs.

Skills Knowledge & Expertise


Essential
  • Hold one of the following - Systems Security Certified Practitioner (SSCP) CompTIA Security or an equivalent foundational operational security credential expected of Senior SOC analysts.

Desirable
Certifications that would strengthen your application:
  • Certified Cloud Security Professional (CCSP)
  • CompTIA Advanced Security Practitioner (CASP)
  • HTB Certified Defensive Security Analyst (HTB CDSA)

Capabilities that set strong applications apart:
  • Experience applying structured analytical techniques - ACH key-assumptions checks or similar to produce rigorous bias-resistant intelligence assessments and comfort peer-reviewing others analytic tradecraft.

  • Working knowledge of cloud security event investigation and cloud detection tuning particularly across AWS Azure or GCP environments including understanding of infrastructure-level telemetry.

  • Experience framing security findings in risk terms for non-technical stakeholders communicating likelihood impact and recommended treatment clearly and reflecting asset criticality and threat context in prioritisation decisions.

  • Evidence of building or improving SOAR playbooks automated triage workflows or equivalent automation that reduced analyst toil in a SOC or detection-engineering context.

  • Familiarity with UK government security frameworks in particular the NCSC CAF GovAssure and HMG Security Policy Framework and experience aligning detection or response work to those standards in a government or regulated environment.

  • Experience working within an agile or Kanban-based team model contributing to workflow improvement running or participating in retrospectives and helping the team improve its own practices not just delivering within them.

  • Experience acting as a trusted working-level contact for client security stakeholders anchoring on their actual outcomes raising concerns or opportunities proactively and contributing subject-matter expertise to proposals or bids.

Tools and practice familiarity:
  • Hands-on experience with at least one major SIEM platform (for example Splunk Microsoft Sentinel or Elastic Security) including writing and tuning detection rules.

  • Familiarity with threat intelligence platforms OSINT tooling or indicator lifecycle management in an operational context.

Made Tech sponsors attainment of recognised cyber certifications for staff in scope. If you dont yet hold the listed credentials but are actively working toward them or can demonstrate equivalent capability through experience wed encourage you to apply.

Job Benefits


SC Eligibility
An increasing number of our customers are specifying a minimum of SC (security check) clearance in order to work on their projects. As a result were looking for all successful candidates for this role to have eligibility.

Eligibility for SC requires 5 years UK residency and 5 year employment history (or back to full-time education). Please note that if at any point during the interview process it is apparent that you may not be eligible for SC we wont be able to progress your application and we will contact you to let you know why.

Support in applying
If you need this job description in another format or other support in applying please email

We believe we can use tech to make public services better. We also believe this can happen best when our own team represents the society that actually uses the services we work on. Were collectively continuing to grow a culture that is happy healthy safe and inspiring for people of all backgrounds and experiences so we encourage people from underrepresented groups to apply for roles with us.

When you apply well put you in touch with a member of our talent team who can help with any needs or adjustments we may need to make to help with your application. Weve put together this blog as a resource to share more about reasonable adjustments and some examples of what this could include. We also welcome any feedback on how we can improve the experience for future candidates.

Life at Made Tech
Were committed to building a happy inclusive and diverse workforce. You can get a sense of what its like working here from
our blog where we talk about mental health communities of practice and neurodiversity as well as our client work and best practice.

Were committed to building a happy inclusive and diverse workforce. You can get a sense of what its like working here from our blog where we talk about mental health communities of practice and neurodiversity (as well as our client work and best practice).

Like many organisations we use Slack to foster a sense of community and connection. As well as special interest groups such as music food and pets we also have 10 Slack channels dedicated to specific communities allies and identities as well as dedicated learning spaces called communities of practice (COPs). If youd like to speak to someone from one of these groups about their experience as an employee please do let a member of the Made Tech talent team know.

We are always listening to our growing teams and evolving the benefits available to our people. As we scale as do our benefits and we are scaling quickly. Weve recently introduced a flexible benefit platform which includes a Smart Tech scheme Cycle to work scheme and an individual benefits allowance which you can invest in a Health care cash plan or Pension plan. Were also big on connection and have an optional social and wellbeing calendar of events for all employees to join should they choose to.

Here are some of our most popular benefits listed below:

Required Experience:

Senior IC

Made Tech helps UK public sector organisations build and run secure user-centred digital services. Our Cyber practice works directly with government departments agencies and other public bodies embedding alongside client teams to raise their security capability not just deliver a report and leave. ...

About Company

Company Logo

We provide Digital, Data and Technology services to help organisations make a positive impact – fast.

View Profile View Profile