# Embedded Cyber Detection and Response Analyst

> Control Risks · London, United Kingdom (Hybrid) · Contract · Posted 2026-07-15

**Workplace:** hybrid

**Department:** I&I Embedded

## Description

The Cyber Detection and Response Analyst supports day-to-day detection, investigation, and response activities as part of a Cyber Detection and Response Team (DART). This is a hands-on technical role focused on identifying, analysing, and responding to cyber threats across the client’s environment, working closely with Security Engineering and broader security stakeholders.

**This role will be a part of a 24/7 team and cover one of two shifts: Sunday-Thursday 9:00 am-5:00 pm GMT or Tuesday-Saturday 9:00 am-5:00 pm GMT**

## Requirements

**Responsibilities**

-   Monitor, triage, and investigate security alerts and events across endpoint, network, cloud, and identity systems.
-   Support incident response activities including analysis, containment, remediation, and documentation.
-   Execute established incident response playbooks and contribute to their continuous improvement.
-   Perform threat hunting activities to identify potential compromises and gaps in detection coverage.
-   Leverage threat intelligence to inform investigations and detection tuning.
-   Collaborate with Security Engineering to tune detection logic and improve security controls.
-   Produce clear, concise incident reports and support root cause analysis and remediation efforts.
-   Support on-call rotations and escalation processes as part of a 24/7 detection and response capability.

Qualifications

-   3–5 years of experience in cybersecurity, with a focus on incident response, SOC operations, or cyber defense.
-   Hands-on experience with SIEM, EDR/XDR, and log analysis tools (e.g., Splunk, Sentinel, CrowdStrike).
-   Practical understanding of incident response methodologies and frameworks such as MITRE ATT&CK and NIST.
-   Familiarity with threat hunting, malware analysis, or forensic investigation techniques.
-   Exposure to cloud environments (AWS, Azure, or GCP) and modern enterprise architectures is preferred.
-   Strong analytical and problem-solving skills, with the ability to communicate technical findings clearly.
-   Relevant certifications (e.g., Security+, GCIH, GCIA, or equivalent) are a plus.

## Apply

[Apply at Control Risks](https://apply.workable.com/control-risks-6/j/F7B7BD6054/apply)

---
Powered by [Workable](https://www.workable.com)
