CyPro

Security Operations Center Analyst

Hybrid

London, United Kingdom

Senior

Full Time

18-10-2025

Skills

Leadership, Jira, Incident Response, Monitoring, Training, Process Improvement

Job Specifications

This role is based in the UK and we unfortunately are not able to provide visa sponsorship.

Also, this is an experienced hire role. Please do not apply if you are seeking your first role in cyber security - look out for our Graduate SOC Analyst roles instead.

What we're offering (saves you scrolling straight to the bottom):

Salary: £40,000-46,000 depending on experience
Shares: We operate an EMI scheme and you will earn over time a slice of the CyPro pie.
Holiday: 25 days paid holiday plus bank holidays (increases by 1 day per year worked up to 30 days)
Flexible Working: We love getting the team together in the office, so we typically spend three days per week together in our lovely London office (39 floors up in Canary Wharf). The rest of the time, you can work wherever you're most productive.
Working Hours: 4 days on, 4 days off, rotating day/night shifts
Training: Budget for one certification/course per year
Socials: We meet regularly to have a drink, throw some axes
Start Date: ASAP

About CyPro:

We are an innovative cyber security start-up united in a shared mission: to redefine cyber security for small and medium-sized businesses (SMBs).
Our Founders - Jonny & Rob - spent most of their early careers delivering cyber security for large enterprises and central government. They saw a clear need for a new approach to cyber security as SMBs became increasingly targeted by cyber criminals. By 2022, SMBs accounted for 75% of attacks, largely due to being easy targets.
Together, CyPro is already setting new standards, defining innovative solutions and equipping its clients with the cyber security they need to prevent attacks, secure bigger clients and scale to new heights.
We are growing quickly, and the next few years promise more of the same. Joining CyPro means becoming an integral part of our mission and joining a team of industry experts embarking on this journey.

The Role:

This isn't your typical SOC Analyst role where you're pigeonholed into one narrow specialism. At CyPro, you'll have the opportunity to get involved in a wide range of areas including monitoring, incident response, threat intelligence, detection engineering, automation and internal security operations.
You'll play a key role in our Security Operations Centre, delivering 365-day monitoring, detection and response to our growing customer base. You'll contribute to building out our capabilities, improving tooling and processes, and shaping how we operate as the function matures.
As the team grows further, you'll have the flexibility to focus more deeply on the areas that interest you most - whether that's advanced detection engineering, threat intelligence, incident response leadership or platform automation. If you're ambitious and want to help shape something rather than simply follow a process, this is the right environment for you.

Core Responsibilities:

Security Monitoring & Incident Response

Monitor security alerts generated by Microsoft Sentinel, Microsoft Defender, Datadog and Elastic.
Assess severity and impact of alerts, triage and investigate incidents independently.
Execute containment and remediation actions using defined runbooks and playbooks.
Correlate data across platforms to identify anomalies, malicious patterns and attacker behaviour.
Produce detailed incident reports, RCA and after-action reviews for internal and client use.
Maintain accurate incident records in JIRA Service Management.

Detection Engineering

Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework.
Draft and optimise KQL queries for detection and threat hunting.
Refine existing detection logic based on false positive analysis and threat evolution.

Threat Intelligence & Enrichment

Analyse threat intelligence feeds to identify relevant threats and vulnerabilities.
Review and tag IOCs and TTPs observed in client environments.
Participate in proactive threat hunting sprints to identify risks before they escalate.

Client Support & Reporting

Prepare weekly and monthly SOC reports highlighting activity, incidents and trends.
Join governance calls with senior analysts or managers to present SOC insights.
Respond to client queries regarding investigations, coverage and data flows.

Internal Security Operations

Support the management of CyPro's internal security environment.
Administer and monitor identity management solutions.
Manage and maintain our MDM platform to ensure secure and compliant device management.
Help ensure our internal security posture reflects the same standards we deliver to clients.

Process Improvement & Automation

Design and develop Logic Apps to automate incident response workflows.
Contribute to evolving internal runbooks and knowledge base articles.
Identify gaps in visibility, tooling or processes and propose solutions.

Professional Development

Work toward and maintain relevant certifications (e.g. SC-200, AZ-500).
Stay up to date with current threat trends, attacker

About the Company

Secure. Scale. Succeed. We take care of cyber security for high-growth companies, at every stage of their journey. We do this by crafting security capabilities that are perfect for your current size and ready to scale effortlessly in line with your future growth. This gives peace of mind to your leadership team and enables you to win increasingly bigger clients.