About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, incident response, and compliance. Our mission is to protect businesses from cyber threats by delivering tailored security solutions that keep them resilient and secure. The Role We are seeking a Security Analyst to join our team and play a key role in threat detection, incident response, and security monitoring. The ideal candidate will have a strong analytical mindset, an understanding of cyber threats and attack techniques, and the ability to implement effective security controls to mitigate risks. This role involves proactively monitoring security events, investigating potential breaches, and supporting clients with vulnerability management and security best practices. About You You are passionate about cybersecurity and have a strong ability to think critically, solve complex problems, and anticipate security threats before they happen. You thrive in a fast-paced environment, working both independently and collaboratively as part of a security team. You are detail-oriented and have a methodical approach to analyzing security alerts, incidents, and vulnerabilities. You can clearly communicate security risks and recommendations to both technical and non-technical stakeholders. You are committed to continuous learning, staying up to date with emerging threats, attack techniques, and security technologies. You are proactive, adaptable, and always looking for ways to improve security operations. Key Responsibilities Threat Detection & Security Monitoring Continuously monitor SIEM, IDS/IPS, firewalls, and endpoint security tools to identify suspicious activity. Analyze and correlate security alerts to detect potential cyber threats and data breaches. Perform log analysis and anomaly detection to identify patterns indicative of compromise. Incident Response & Threat Investigation Investigate security incidents, phishing attempts, malware infections, and unauthorized access events. Develop and implement remediation strategies to mitigate security risks. Conduct digital forensics and root cause analysis on security breaches. Work closely with internal teams and clients to ensure swift containment and resolution of threats. Vulnerability Management & Security Operations Perform regular vulnerability scans and assessments, identifying security gaps and misconfigurations. Recommend and implement security improvements based on assessment findings. Optimize security configurations and policies across cloud and on-premise environments. Assist in security patch management and tracking remediation efforts. Security Policy & Awareness Assist in the development and enforcement of security policies, procedures, and best practices. Provide security awareness training to employees and clients to mitigate human-related risks. Stay informed on emerging cyber threats, attack techniques, and security technologies. Required Qualifications & Experience Technical Skills & Experience Experience in security monitoring, threat detection, or incident response. Strong understanding of security tools including SIEM, IDS/IPS, firewalls, and endpoint security platforms. Familiarity with log analysis, malware analysis, and digital forensics techniques. Knowledge of threat intelligence platforms and cyber threat hunting techniques. Experience with vulnerability assessment tools such as Nessus, Qualys, or OpenVAS. Understanding of network security, cloud security, and endpoint protection. Scripting & Automation (Preferred, Not Required) Basic proficiency in Python, PowerShell, or Bash for security automation. Ability to write scripts for log analysis, threat hunting, or security automation is a plus. Certifications (Preferred, Not Required) CompTIA Security, CEH (Certified Ethical Hacker), GCIH (GIAC Certified Incident Handler), or similar certifications are desirable. Soft Skills & Work Environment Strong problem-solving skills and ability to think like an attacker. Ability to work both independently and collaboratively within a security team. Effective communication and reporting skills to convey security findings to technical and non-technical stakeholders. Strong attention to detail with a methodical approach to security investigations. A passion for learning and keeping up with the latest security threats and technologies. Why Join Darkshield? Work on real-world cybersecurity threats and gain experience in high-impact security operations. Opportunity to develop and implement security controls across various industries. Career growth opportunities in a fast-growing cybersecurity agency. Flexible work environment – remote and hybrid options available. Competitive salary and performance-based incentives.