Senior Cyber Security Analyst - DefOps

About Baringa

Baringa is a global consulting firm that partners with leaders to drive change and create value. With deep industry expertise, and enabled by advanced technology, the firm helps clients to deliver with greater confidence and certainty. With over 2,000 people across the UK, Europe, North America, Asia and Australia, the firm combines global insight with local understanding.

The firm works across energy and resources, financial services, government and public sector, consumer products and retail, pharmaceuticals and life sciences, manufacturing, and technology, media and telecoms, with capabilities spanning strategy, transformation and operational excellence – all powered by advanced technology, data, AI and digital innovation.

Clients value Baringa's collaborative approach and the way its teams integrate seamlessly – all working with a shared understanding of what matters most. The firm is known for its kind, curious experts who listen closely and care deeply about client success as they help clients transform energy markets, modernise financial platforms, expand telecoms and digital networks through advanced data analytics, enable digital services in government, and unlock growth in consumer sectors.

Certified as a Great Place to Work around the world, Baringa has been recognised by the Financial Times in 22 categories of its UK Leading Management Consultants rankings, and by Forbes for four consecutive years as one of the World's Best Management Consulting Firms.

Our Cyber team are looking for an experienced Senior Cyber Security Analyst to join the team

We are looking for a Senior Cyber Security Analyst to join our Defensive Operations team on a fixed-term basis. You will work across the full breadth of our defensive security capability - including advanced investigations, incident response, threat hunting, detection engineering, and vulnerability management. This is a hands-on senior role within a hybrid SOC model, where our MDR partner delivers 24/7 Tier 1/2 monitoring and triage, and the internal team focuses on everything beyond including: response, proactive threat operations, and continuous improvement of our security posture, and more

What you will be doing

• Conduct advanced investigations escalated from the MDR SOC and internally identified threats, including root cause analysis, evidence gathering, containment, and remediation across Microsoft Sentinel and Defender XDR.
• Support incident response activities through the full lifecycle - detection, analysis, containment, eradication, recovery, and lessons learned - and contribute to the development of IR playbooks and procedures.
• Contribute to MSSP oversight and quality assurance - reviewing escalation quality, providing feedback, and participating in joint detection tuning sessions.
• Develop and execute threat hunts based on threat intelligence, MITRE ATT&CK gap analysis, and incident learnings, converting findings into detection rules or tuning recommendations.
• Author and deploy detection content (KQL analytics rules) in Microsoft Sentinel, supporting the team's efforts to expand MITRE ATT&CK coverage and reduce detection gaps.
• Support vulnerability management activities, including assessment of identified vulnerabilities, prioritisation, and coordination with the Technology team on remediation.
• Produce operational metrics and MI reporting in support of governance and stakeholder reporting.
• Mentor junior analysts, providing technical