The Cyber Detection and Response Analyst supports day-to-day detection, investigation, and response activities as part of a Cyber Detection and Response Team (DART). This is a hands-on technical role focused on identifying, analysing, and responding to cyber threats across the client’s environment, working closely with Security Engineering and broader security stakeholders.
This role will be a part of a 24/7 team and cover one of two shifts: Sunday-Thursday 9:00 am-5:00 pm GMT or Tuesday-Saturday 9:00 am-5:00 pm GMT
Requirements
Responsibilities
- Monitor, triage, and investigate security alerts and events across endpoint, network, cloud, and identity systems.
- Support incident response activities including analysis, containment, remediation, and documentation.
- Execute established incident response playbooks and contribute to their continuous improvement.
- Perform threat hunting activities to identify potential compromises and gaps in detection coverage.
- Leverage threat intelligence to inform investigations and detection tuning.
- Collaborate with Security Engineering to tune detection logic and improve security controls.
- Produce clear, concise incident reports and support root cause analysis and remediation efforts.
- Support on-call rotations and escalation processes as part of a 24/7 detection and response capability.
Qualifications
- 3–5 years of experience in cybersecurity, with a focus on incident response, SOC operations, or cyber defense.
- Hands-on experience with SIEM, EDR/XDR, and log analysis tools (e.g., Splunk, Sentinel, CrowdStrike).
- Practical understanding of incident response methodologies and frameworks such as MITRE ATT&CK and NIST.
- Familiarity with threat hunting, malware analysis, or forensic investigation techniques.
- Exposure to cloud environments (AWS, Azure, or GCP) and modern enterprise architectures is preferred.
- Strong analytical and problem-solving skills, with the ability to communicate technical findings clearly.
- Relevant certifications (e.g., Security+, GCIH, GCIA, or equivalent) are a plus.
Skills Required
- 3-5 years of experience in cybersecurity with focus on incident response, SOC operations, or cyber defense
- Hands-on experience with SIEM, EDR/XDR, and log analysis tools (e.g., Splunk, Sentinel, CrowdStrike)
- Practical understanding of incident response methodologies and frameworks such as MITRE ATT&CK and NIST
- Familiarity with threat hunting, malware analysis, or forensic investigation techniques
- Exposure to cloud environments (AWS, Azure, or GCP) and modern enterprise architectures
- Strong analytical and problem-solving skills and ability to communicate technical findings clearly
- Relevant certifications (e.g., Security+, GCIH, GCIA, or equivalent)
What We Do
Control Risks exists to make our clients succeed. We are a specialist risk consultancy that helps to create secure, compliant and resilient organisations in an age of ever-changing risk. Working across disciplines, technologies and geographies, everything we do is based on our belief that taking risks is essential to our clients’ success. We provide you with the insight to focus resources and ensure you are prepared to resolve the issues and crises that occur in any ambitious global organisation. We go beyond problem-solving and give you the insight and intelligence you need to realise opportunities and grow. From the boardroom to the remotest location, we have developed an unparalleled ability to bring order to chaos and reassurance to anxiety.
.png)








