- Senior
- Oficina en London
This is an exciting opportunity for a senior analyst to play a key role in operating an innovative managed detection and response (MDR) service. The individual will be responsible for investigating and remediating detections from our security tooling across a growing global customer base, as well as supporting customers with queries and engaging in proactive threat hunting based on data from our threat intelligence sources.
The role is technically hands-on, requiring established investigation and log analysis skills. The candidate will also support the ongoing improvement of the service across people, process, and technology, and play a role in customer onboarding and management and information sharing with other internal teams.
About the role
You will play a pivotal role in service delivery by managing and responding to security detections and customer requests with urgency and clarity. Your responsibilities include:
- Triaging alerts from security tools, distinguishing false positives from genuine threats, and executing remediation using built-in capabilities and remote PowerShell commands.
- Handling customer queries via the MDR mailbox, assist with user management and investigations, and monitor detection trends to optimise allow/block listing.
- Additionally, you will support the onboarding of new customers by guiding tool deployment and contributing to ongoing account management.
- Actively contribute to improving operational processes and technologies by offering feedback and helping assess new tools.
- Creating technical resources—such as PowerShell scripts—to automate threat identification and remediation, enhancing overall service efficiency.
Furthermore, you will mentor team members, sharing expertise in detection analysis, customer support, and proactive threat hunting to foster skill development and strengthen team capabilities
About you
The ideal candidate will have solid experience in Security Operations (SecOps), particularly in detection and response, with a proven ability to investigate and remediate incidents using EDR/XDR tools. Other experience that we are looking for includes:
- A working knowledge of log query languages such as SQL, Splunk, or KQL is essential, alongside a strong grasp of endpoint security, networking protocols, and cloud technologies
- Scripting or programming experience for security tooling and SOAR platforms, familiarity with the Mitre ATT&CK framework, and an understanding of Microsoft Windows Active Directory environments.
Core Values
Love what you do:
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.
Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.
Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.
Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.
Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.
