We tackle the most complex problems in quantitative finance, by bringing scientific clarity to financial complexity.
From our London HQ, we unite world-class researchers and engineers in an environment that values deep exploration and methodical execution - because the best ideas take time to evolve. Together we’re building a world-class platform to amplify our teams’ most powerful ideas.
Security is foundational to this mission and must be delivered in a way that supports how our engineering teams build and operate complex systems at scale.
Take the next step in your career.
The roleAs a Senior CSIRT Analyst you will play a key role in G-Research’s Cyber Security Incident Response Team (CSIRT), specialising in cloud detection and response across AWS and hybrid environments.
You will investigate, respond and proactively hunt for threats across a diverse technology landscape, including high-performance compute clusters, Kubernetes and containerised infrastructures, and corporate Windows environments.
You will use cloud-native security tooling and multi-SIEM operations, such as Elastic, Azure, AWS, to strengthen detection and response capabilities. You will also participate in purple team and red team exercises, continuously validating and improving the team’s effectiveness against advanced adversaries.
As a senior member of the team, you will also mentor junior analysts, contribute to automation initiatives and support the on-call escalation rota for out-of-hours response.
Key responsibilities of the role include:
Investigating and responding to complex security incidents across cloud, hybrid, and on-premise environments
Proactively hunting for threats and developing detection logic across SIEM and cloud security systems
Participating in red and purple team exercises to test, validate and enhance detection and response capabilities
Developing and maintaining automation workflows using tools such as Tines and Python
Collaborating with engineering teams to improve log ingestion, detection rules and platform reliability
Mentoring and supporting junior analysts through knowledge sharing and technical guidance
Participating in the on-call escalation rota for out-of-hours incidents
Improving CSIRT processes, playbooks and threat models
The ideal candidate will have the following skills and experience:
Significant experience in cyber incident response, detection engineering or SOC and CSIRT operations
Strong cloud security expertise across AWS and Azure, including hands-on incident investigation
Proficiency with SIEM platforms and log analysis
Experience with red and purple team exercises and adversary simulation
Knowledge of containerised environments and cloud-native infrastructure security
Programming or scripting experience, preferably in Python, and exposure to automation platforms
Strong understanding of modern attack techniques, threat actors and the MITRE ATT&CK framework
Experience mentoring or leading within a security operations environment
Strong analytical skills with the ability to investigate complex threats, identify root causes and operate effectively under pressure
Collaborative approach with the ability to work across teams while supporting and developing others
Proactive mindset with an interest in automation and continuously improving detection and response
Why should you apply?
Highly competitive compensation plus annual discretionary bonus
Lunch provided (via Just Eat for Business) and dedicated barista bar
30 days’ annual leave
9% company pension contributions
Informal dress code and excellent work/life balance
Comprehensive healthcare and life assurance
Cycle-to-work scheme
Monthly company events
G-Research is committed to cultivating and preserving an inclusive work environment. We are an ideas-driven business and we place great value on diversity of experience and opinions.
We want to ensure that applicants receive a recruitment experience that enables them to perform at their best. If you have a disability or special need that requires accommodation please let us know in the relevant section
