
501 - 1000 employees
Founded 2010
☁️ SaaS
🔒 Cybersecurity
🏢 Enterprise
💰 $130M Private Equity Round on 2021-09
SaaS • Cybersecurity • Enterprise
Saviynt is a leading provider of cloud-based identity and access management (IAM) solutions. Their platform, known as the Identity Cloud, offers comprehensive identity governance, administration, and application access governance. Saviynt's solutions focus on secure identity management, ensuring compliance, modernizing legacy systems, and supporting multi-cloud environments. They serve a wide range of industries including healthcare, financial services, and government sectors. Leveraging AI/ML, Saviynt provides in-depth insights and analytics for enhanced identity security. They are recognized for their robust capabilities in identity governance and administration, helping organizations to efficiently manage and protect employee, contractor, partner, and machine identities.
🕒 March 4
🇬🇧 United Kingdom – Remote
⏰ Full Time
🟡 Mid-level
🟠 Senior
🛡️ Security Operations
🇬🇧 UK Skilled Worker Visa Sponsor
Improve your chances of getting an interview by checking your resume score before you apply.

501 - 1000 employees
Founded 2010
☁️ SaaS
🔒 Cybersecurity
🏢 Enterprise
💰 $130M Private Equity Round on 2021-09
SaaS • Cybersecurity • Enterprise
Saviynt is a leading provider of cloud-based identity and access management (IAM) solutions. Their platform, known as the Identity Cloud, offers comprehensive identity governance, administration, and application access governance. Saviynt's solutions focus on secure identity management, ensuring compliance, modernizing legacy systems, and supporting multi-cloud environments. They serve a wide range of industries including healthcare, financial services, and government sectors. Leveraging AI/ML, Saviynt provides in-depth insights and analytics for enhanced identity security. They are recognized for their robust capabilities in identity governance and administration, helping organizations to efficiently manage and protect employee, contractor, partner, and machine identities.
• Act as the final escalation point for complex incidents originating from L1/L2 analysis. • Lead investigations into high-severity security events, including those impacting AWS, Azure, Kubernetes clusters and hybrid environments. • Perform advanced forensic analysis across endpoints, cloud workloads, and network telemetry to determine root cause, impact, and remediation actions. • Correlate telemetry from SIEM, EDR, CSPM, and cloud-native sources to identify sophisticated attack chains. • Design, develop, and maintain automated response playbooks within the SOAR platform to improve response efficiency. • Build and maintain automation scripts (Python, Go, etc.) for alert enrichment, evidence collection, and containment. • Integrate security platforms via APIs to enable streamlined, automated detection and response workflows. • Identify opportunities to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through automation and process optimisation. • Conduct proactive threat hunting across enterprise and cloud environments using intelligence-driven and hypothesis-based methodologies. • Serve as an SME for cloud security monitoring leveraging tools such as AWS GuardDuty, CloudTrail, CrowdStrike, and Proofpoint. • Develop and tune SIEM detections, correlation rules, and EDR queries aligned to MITRE ATT&CK tactics and emerging threat intelligence. • Provide technical mentoring and guidance to L1/L2 analysts to strengthen SOC capability. • Maintain and enhance SOC documentation including SOPs, runbooks, and response playbooks. • Analyse incident trends and operational metrics to recommend improvements in detection coverage, automation effectiveness, and security posture.
• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline (or equivalent industry experience). • Extensive experience in Security Operations with demonstrable time in a senior analyst, threat hunter, or L3 role. • Strong hands-on experience in cloud security monitoring and incident response across AWS, Azure, or GCP. • Proven scripting and automation capability using Python, Go, PowerShell, Bash, etc. • Practical experience with SOAR platforms (e.g., CrowdStrike Fusion SOAR) and SIEM technologies (e.g., CrowdStrike Falcon, Splunk, QRadar, Microsoft Sentinel). • Deep understanding of EDR tooling, host/network forensics, and detection engineering practices. • Strong working knowledge of the MITRE ATT&CK framework and its application in threat detection and hunting.
• UK Citizenship is mandatory due to data residency, customer contractual obligations, and potential security clearance requirements. • Candidates must have the unrestricted right to work in the United Kingdom. • Availability during weekends and outside standard working hours is expected to support critical incidents and urgent escalations.
Apply Now