Security Analyst (Fintech)

TL;DR

Security Analyst (Fintech): Managing the full lifecycle of security incidents across multiple domains in a cloud-native banking environment with an accent on web, email, endpoint, and identity security. Focus on maintaining detection rules, automation workflows, and incident response within Splunk Cloud SIEM to reduce false positives and improve detection accuracy.

Location: Must work 9 AM to 5:30 PM UK time and participate in on-call shifts outside of regular UK business hours

Company

A dynamic fintech company specializing in retail finance solutions, helping consumers split payments over time with ease.

What you will do

• Monitor and triage security alerts, ensuring prompt prioritization and escalation of critical and high-severity threats.
• Engage in all stages of incident management, including triaging, investigation, containment, remediation, and documentation.
• Maintain and enhance detection rules, automation workflows, and response playbooks within Splunk Cloud SIEM.
• Collaborate with internal SOC analysts, external MDR providers, and business teams to coordinate efficient incident response.
• Utilize EDR tools and email security platforms to proactively contain threats.
• Conduct continuous threat hunting and intelligence enrichment to stay ahead of evolving attack vectors.

Requirements

• 2-3 years of SOC L1-L2 experience with proven expertise in real-time security monitoring and incident response.
• Solid production AWS experience.
• Hands-on proficiency with Splunk Cloud SIEM: alert triage, rule tuning, and security data analytics.
• Operational experience with Endpoint Detection and Response and Email Security platforms.
• Familiarity with CASB/DLP solutions and vulnerability management.
• Fluent written and spoken English with clear, effective communication and documentation skills.

Nice to have

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent.
• Experience with SentinelOne, Cylance, Mimecast, Netskope, Fastly WAF/CDN, Tenable, SOCRadar, KnowBe4 Phishing Alert Button, Jira, Slack/MS Teams, and PagerDuty.
• Experience developing and tuning SIEM detection rules and incident response playbooks.
• Experience in threat intelligence and threat hunting processes.
• Relevant certifications such as CompTIA Security+, SSCP, GIAC, CISSP or equivalent.

Culture & Benefits

• Vacation as per the laws of your country.
• Health insurance policy for you and your loved ones.
• 10 days sick pay without a doctor's note, afterwards as per the laws of your country.
• Time off for state holidays according to the official calendar.
• Two large corporate parties and many small get-togethers for colleagues.
• Solving technical and everyday problems at work.