Protect and enhance our customers’ security by leading investigations, response, and proactive threat hunting across diverse environments. This role combines hands-on detection and response with service uplift—driving automation, improving playbooks and processes, and mentoring analysts to deliver a high-quality MDR service at scale.
This is an exciting opportunity for a senior analyst to play a key role in operating an innovative managed detection and response (MDR) service. The individual will be responsible for investigating and remediating detections from our security tooling across a growing global customer base, as well as supporting customers with queries and engaging in proactive threat hunting based on data from our threat intelligence sources.
The role is technically hands-on, requiring established investigation and log analysis skills. The candidate will also support the ongoing improvement of the service across people, process, and technology, and play a role in customer onboarding and management, and in information sharing with other internal teams.
Service Delivery
- Act as a senior member of our team of security analysts, ensuring assigned detections and requests are addressed promptly, necessary technical actions are taken, and outcomes are clearly communicated to customers.
- Triage and analyse detections from security tooling deployed within our customers' environments to determine which are false positives and which are true positives requiring remediation.
- Perform remediation of malicious files, persistence mechanisms and other artefacts and threats, both through our security tools' built-in capabilities and remotely using PowerShell.
- Triage customer emails received via the MDR mailbox and provide support on requests including user management, ad hoc investigations, and security tool troubleshooting.
- Monitor for detection trends and identify opportunities for allow/block listing to improve service efficiency.
- Contribute to new customer onboarding, including providing guidance on the deployment of our tools within customer environments, and ongoing customer management.
Service Development
- Provide ongoing feedback on processes and technologies, and support the development of documentation and assessment of potential new technologies to improve our service.
- Develop new technical material to automate/enhance our service (e.g. PowerShell scripts for automatic identification and remediation of common threats) and improve efficiency.
- Assist in developing team members' skills in detection analysis and remediation, customer query management, and proactive threat hunting through knowledge sharing and mentoring.
- Strong SecOps judgement: You quickly separate signal from noise, assess risk, and choose the right containment/eradication approach.
- Clear communication: You can translate technical findings into practical advice that customers understand and can act on.
- Automation mindset: You look for repeatable tasks to script, standardise, or push into detection content and SOAR/playbooks.
- Calm under pressure: You prioritise effectively, handle multiple concurrent cases, and uphold quality documentation.
Experience
Essential
- Significant SecOps experience with a focus on detection and response.
- Experience investigating and remediating security incidents using EDR/XDR tools.
- Working knowledge of common log query languages/syntax (e.g. SQL, Splunk, KQL).
- Strong understanding of endpoint security, networking protocols, and cloud technologies.
- Excellent communication skills in written and spoken English and attention to detail.
Desirable
- Experience in programming/scripting for security tooling and SOAR platforms.
- Working knowledge of the MITRE ATT&CK framework.
- Understanding of Microsoft Windows Active Directory environments.
- Experience in playbook development, detection engineering, and control hardening.
- Mentoring or team leadership experience within a SOC/MDR context.
- Relevant certifications (e.g., GCIH, GCFA/GCFE, EDR vendor certifications, cloud vendor certifications, Security+) and/or a related degree.
- Be part of a GLOBAL team (we have offices in the USA, UK and Australia)
- State of the art modern office
- Great team culture
- Fun social events
- Training opportunities
- Extra day off to celebrate your Birthday
- We also value experience and drive over traditional qualifications. We promote a healthy team dynamic through collaboration and are never too proud to ask each other for help.
We love our workplace, and we think you will too.
For more than 20 years, Solis has been protecting businesses from devastating cyber attacks. Our cyber security experts have a deep understanding of attacker behaviour gained from successfully managing thousands of cyber events each year.
Armed with cutting-edge technology and backed by unrivalled threat intelligence, we bring the deep technical expertise you need along with decades of experience supporting businesses across a variety of industries.
Solis is trusted by thousands of companies around the world. We work as an extension of your team - not a replacement - with the same goal in mind: to keep your business safe and operational.