Cyber Defence Analyst (London)

Role Responsibilities

• Investigate, record and respond to SIEM alerts, determine scope and severity of incidents, and coordinate containment and remediation efforts.
• Define, implement and continuously improve operational security processes and runbooks to align with compliance standards and evolving threats.
• Assist with integrating and configuring security tooling, ensuring effective data ingestion, enrichment and alerting across the environment.
• Participate in threat hunting activities to proactively identify suspicious behaviour and improve detection coverage.
• Deliver effective vulnerability management: analyse scanning outputs, coordinate with technology teams and ensure timely notification and remediation tracking.
• Participate in the out-of-hours, on-call rotation, supporting incident response efforts during non-core hours.
• Enforce security processes and requirements across the business.

Experience Required

• Knowledge of SIEM tooling, designing and implementing use cases & documenting KBAs.
• Strong knowledge of KQL.
• Proven experience in incident response and handling.
• Automate alert triage and response using SOAR playbooks integrated with SIEM.
• Detect anomalous user behavior by correlating identity and activity patterns in SIEM.
• Experience contributing to cybersecurity operations in a professional or structured environment.
• Demonstrated commitment to continuous self-study.
• Experience working with an MSSP.
• Technical knowledge of access management and security controls.
• Strong collaboration skills with the ability to work across teams and stakeholders.
• A strong desire to drive security innovation across the firm.

Advantageous

• Relevant technical cyber security certifications are desirable.
• Knowledge on task automation/scripting would be hugely beneficial.
• Experience with Microsoft suite (Defender/Azure), query-based SIEM (e.g. Splunk) and orchestration platforms.
• Experience in financial services or other highly regulated environments.
• Prior involvement in threat hunting activities.

About Insight Investment

Insight is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation. If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at

Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability-driven investment, risk management, full-spectrum fixed income, currency and absolute return capabilities.

Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at: