# Embedded Cyber Detection and Response Analyst

**Company:** [Control Risks](http://jobs.workable.com/companies/1eXXHxeg9VjpNhhwFSwcCW.md)
**Location:** London, United Kingdom
**Workplace:** hybrid
**Employment type:** Contract
**Department:** Intelligence & Investigations

[Apply for this job](http://jobs.workable.com/view/2c25c2e8-442a-4728-af78-e9f74a40151e)

## Description

The Cyber Detection and Response Analyst supports day-to-day detection, investigation, and response activities as part of a Cyber Detection and Response Team (DART). This is a hands-on technical role focused on identifying, analysing, and responding to cyber threats across the client’s environment, working closely with Security Engineering and broader security stakeholders.

**This role will be a part of a 24/7 team and cover one of two shifts: Sunday-Thursday 9:00 am-5:00 pm GMT or Tuesday-Saturday 9:00 am-5:00 pm GMT**

## Requirements

**Responsibilities**

-   Monitor, triage, and investigate security alerts and events across endpoint, network, cloud, and identity systems.
-   Support incident response activities including analysis, containment, remediation, and documentation.
-   Execute established incident response playbooks and contribute to their continuous improvement.
-   Perform threat hunting activities to identify potential compromises and gaps in detection coverage.
-   Leverage threat intelligence to inform investigations and detection tuning.
-   Collaborate with Security Engineering to tune detection logic and improve security controls.
-   Produce clear, concise incident reports and support root cause analysis and remediation efforts.
-   Support on-call rotations and escalation processes as part of a 24/7 detection and response capability.

Qualifications

-   3–5 years of experience in cybersecurity, with a focus on incident response, SOC operations, or cyber defense.
-   Hands-on experience with SIEM, EDR/XDR, and log analysis tools (e.g., Splunk, Sentinel, CrowdStrike).
-   Practical understanding of incident response methodologies and frameworks such as MITRE ATT&CK and NIST.
-   Familiarity with threat hunting, malware analysis, or forensic investigation techniques.
-   Exposure to cloud environments (AWS, Azure, or GCP) and modern enterprise architectures is preferred.
-   Strong analytical and problem-solving skills, with the ability to communicate technical findings clearly.
-   Relevant certifications (e.g., Security+, GCIH, GCIA, or equivalent) are a plus.
