Cyber Defence Analyst

We have an exciting opportunity for a Cyber Defence Analyst to join our Information Security team in the A&O Shearman Belfast office. What you will do Investigate and prioritise Level 2 escalated events and alerts detected by the Managed Security Service Provider (MSSP) to identify potential incidents. Escalate to senior colleagues and stakeholders when necessary.

Investigate potential cyber‑security and data‑loss incidents raised by employees and third parties, following the defined playbooks for the Cyber Defence team. Respond to inbound queries to the information‑security mailbox, consulting with senior colleagues for advice where required. Participate in incident‑response activities, including CSIRT activities, for confirmed incidents in our local time zone: Conduct initial triage and investigation.

Assist with containment, mitigation, and remediation, ensuring forensic evidence is gathered and documented. Participate in security‑incident response exercises and contribute to post‑exercise reviews. Be part of the Cyber Defence on‑call rota, which may require out‑of‑hours work.

Pick‑up and hand‑off incident response activities with the Belfast team and other global teams as per our 24‑7 follow‑the‑sun model. Maintain awareness of current and emerging cyber‑threats, techniques, and procedures using threat intelligence from the Threat and Vulnerability Management team. Assist with the implementation and enhancement of new and existing cyber‑defence tools and processes.

Contribute to the maintenance and improvement of playbook and process documentation for Cyber Defence. Collaborate with other areas of the firm to improve the security posture by implementing controls and fostering awareness. Advise business stakeholders on Cyber Defence, translating complex technical concepts into business‑friendly language.

What you will have At least 1+ year’s experience in a security operations or similar technical security role. Operational‑level experience in at least two of the following domains: Security engineering, Alert triaging, Rule writing, Incident response, Digital Forensics and Incident Response (DFIR), Threat intelligence and management, Vulnerability management, or Security control testing. In‑depth understanding of networking and routing protocols (e.g.

TCP/IP) and services (e.g. DNS, SMTP). Experience with cyber‑defence technology and tooling, including SIEM solutions, IDS/IPS, threat and vulnerability management platforms, endpoint protection, and firewalls.

Highly analytical mindset with strong problem‑solving skills. Ability to interpret data flows, assess security events, and draw logical conclusions. Excellent written and verbal communication skills.

Ability to collaborate effectively across technical and non‑technical teams. High level of personal integrity and ethics, demonstrating appropriate judgment. A genuine passion for continuous learning and development in cybersecurity, staying up‑to‑date with the latest developments, trends, and technologies.

You will stand out if you have University‑level degree in Information Security, Computer Science, Engineering, Technology, or a related field. Industry‑recognised certifications such as CISSP, CEH, CISM, or CompTIA Security+. Practical programming or scripting experience, particularly with Python or PowerShell.

What we can offer you Occupational pension scheme Group income protection cover Private medical insurance Mental health resources and free apps Health and wellbeing services Parental and special leave Holiday entitlement increasing with length of service Hybrid working option – up to 40% of time from home Weekend working is required for this role; exact shift patterns will be discussed at interview. All weekend hours are eligible for premium payment in addition to base salary. We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic. #J-18808-Ljbffr