We’re looking for a Senior Security Analyst to join us in either Amsterdam or Reading. In this role, you'll be part of the technical leadership driving our operational security incident response across our global network. You'll work closely with Incident Managers and other technical teams to detect, respond to, and recover from cyber-attacks—all while proactively defending against emerging threats through intelligence-led threat hunting.

This role is a key pillar in our Group Security division, empowering our well-known consumer brands across Europe to stay secure in a fast-evolving digital landscape. You will focus on supporting our Telenet brand in Belgium, with regular travel to the offices in Mechelen, Belgium, and become the single point of contact for all Incident Response activities, working with the local Telenet security team and providing Incident Management coordination.

What will you be doing?

Incident Response & Threat Handling

Technical Lead for Incidents: Act as the go-to expert during complex cyber incidents, guiding containment, eradication, and recovery efforts.
Forensic & Malware Analysis: Perform deep-dive investigations, including advanced malware analysis, extraction of Indicators of Compromise (IoCs), and mapping out Tactics, Techniques, and Procedures (TTPs).
Cross-Functional Collaboration: Work closely with Incident Managers, Incident Commanders, and other technical teams to coordinate an effective response, ensuring clear communication and precise prioritisation.

Technical Escalation & Mentorship

Escalation Point: Serve as the technical escalation point for SOC analysts, providing expert guidance and supporting junior team members through hands-on coaching and knowledge-sharing.
Team Development: Lead, mentor, and inspire your team by driving forward threat hunting, adversary emulation, and cutting-edge threat mitigation methodologies.
Knowledge Sharing: Assist in developing training sessions and workshops to continuously enhance the team's technical skills and capabilities.

Detection Engineering & Security Enhancements

Proactive Defence: Develop and fine-tune detection rules, playbooks, and automation scripts that improve SOC efficiency and help pre-empt potential attacks.
Security Architecture: Collaborate with cross-functional teams to enhance security controls and suggest improvements to our overall security architecture.
Data Analysis: Leverage tools like Splunk, Elastic, and other analytical platforms to analyse diverse log sources, normalise data, and identify emerging threats across our infrastructure.

Documentation & Reporting

Incident Reporting: Create comprehensive incident reports, including root cause analyses and executive summaries, to ensure stakeholders are well-informed.
Process Improvement: Maintain and enhance SOC playbooks, runbooks, and standard operating procedures (SOPs) while contributing to SOC maturity assessments.
Technical Reporting: Provide regular technical and management reporting to demonstrate the effectiveness and value of the team’s work.

We tend to look for people with:

Extensive experience in managing, investigating, and responding to cyber incidents, with hands-on experience in a dynamic SOC or Incident Response role.
Technical Expertise: Strong understanding of intrusion detection, forensic investigations, vulnerability management, and advanced security technologies (SIEM, IDS/IPS, EDR, and firewalls).
Analytical Skills: Proficiency in analysing log sources and data normalization using platforms such as Splunk, Elastic, or similar.
Frameworks & Methodologies: Deep knowledge of the MITRE ATT&CK framework, Cyber Kill Chain, NIST, and related methodologies.
Communication: Excellent verbal and written communication skills, with the ability to work both independently and collaboratively.
Desirable Certifications: Possession of or willingness to attain certifications such as GCIH, GCIA, GREM, OSCP, CISSP, or equivalent.
Cloud & Advanced Tools: Experience with cloud security monitoring and incident response tools (AWS GuardDuty, Azure Sentinel) and familiarity with sandboxing and reverse engineering tools.
SIEM: Experience with the Splunk Cloud observability platform and CrowdStrike.
Global Perspective: Prior experience coordinating cross-organisational responses in a global business environment.

What We Expect from You

A proactive, hands-on technical approach to managing security incidents and escalations.
The ability to lead, making critical technical decisions when it matters most.
A continuous learning mindset, always keeping up to date with evolving threats and technologies.
A strong passion for mentoring and developing junior analysts, thereby strengthening our SOC team.
Excellent problem-solving, analytical, and communication skills—because in our world, the “sky’s the limit” is more than just an attitude.

What’s in it for you?

Competitive salary
Bonus
Company pension contribution up to 10%
25 days annual leave with the option to purchase 5 more and paid volunteering
Access to physical and mental health benefits such as the Calm app, personal medical, critical illness cover and dental insurance
Access to our car benefit scheme
Professional development including upskilling, mentoring, and access to online learning
Great office and hybrid work environment
The chance to join an innovative, fast-paced and passionate team

Who we are:

Join Liberty Global and Shape Tomorrow’s Connections Today

Liberty Global is a dynamic team of veteran operators and investors committed to generating and delivering value through the strategic management of our three platforms: Liberty Telecom, Liberty Growth and Liberty Services. We prioritize diversity, equity, and sustainability, using technology for good.
If you're curious, resilient and have a limitless mindset, join our high-performing team.

Liberty Global is an equal opportunity employer, committed to an inclusive environment and accommodating all candidates. We’re eager to hear from you, no matter your background.

This Direct Search is handled exclusively by Liberty Global. We kindly ask agencies not to send applications, and we don’t offer compensation for unsolicited CVs.