Cyber Operations Analyst - Tanium/EDR/SIEM
Atrium EMEA are supporting a leading global financial services organisation in their search for Cyber Operations Analysts to support the operational rollout of new endpoint detection and response capabilities across a large enterprise estate.
This programme is focused on operationalising new detection capabilities, improving cyber readiness, and supporting endpoint telemetry and containment tooling as Tanium capabilities expand across the organisation.
Location: Hybrid - Cheshire, London, Northampton or Glasgow depending on your location - 2 days per week onsite
Day Rate: Up to £560 per day (Inside IR35)
Contract Length: 12 months initial contract with likely extensions
Key Responsibilities
* Operate, monitor and triage enhanced detection outputs generated through Tanium and SIEM integration.
* Support operational readiness for new containment capabilities deployed across the endpoint security platform.
* Validate and operationalise detection content delivered via CI/CD pipelines and Tanium telemetry ingestion.
* Correlate endpoint, device discovery and telemetry insights to support cyber investigations and incident response.
* Work with Tanium SMEs to assess capability gaps, document findings and support remediation of EDR issues.
* Support cyber incident response activities, providing endpoint expertise and rapid analysis during investigations.
* Maintain operational dashboards, reporting and KPI tracking for cyber governance and operational performance.
* Enhance playbooks and operational procedures to support new Tanium-driven detection capabilities.
Key Skills Required
* Experience working in Cyber Operations, SOC (Level 2 or Level 3), or Incident Response environments.
* Strong understanding of endpoint telemetry, EDR technologies and detection tooling.
* Experience triaging alerts from SIEM platforms, endpoint detection tools and security monitoring platforms.
* Exposure to Tanium or similar endpoint platforms such as CrowdStrike, SentinelOne, Defender or Carbon Black.
* Experience collaborating with Detection Engineering and Incident Response teams to improve detection and response capabilities.
* Strong analytical skills with the ability to investigate security alerts and identify potential threats.
* Excellent communication, documentation and stakeholder engagement skills.