Cyber Defence Analyst

Cyber Defence Analyst

About GKN Automotive 

GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production. 

We are the trusted partner for most of the world’s automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies. 

GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector. 

What you’ll do: 

The Cyber Defence Analyst plays a meaningful role in improving the organisation’s security posture by bridging the gap between incident response and vulnerability management. Operating in a hybrid model, this role works closely with a supplier landscape that provides first-line monitoring and escalates incidents for further investigation. As such, the Cyber Defence Analyst is expected to operate at a level capable of handling complex investigations, leading response efforts, and driving remediation activities.

This role supports both the Security Monitoring and Vulnerability Management functions, ensuring a cohesive, end-to-end approach to cyber defence. By responding to threats in real time and proactively reducing the organisation’s exposure to future risks, the Cyber Defence Analyst helps maintain a resilient and unified security operation.

As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents, emerging threats, or urgent vulnerability disclosures. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business.

Key responsibilities include:

• Serve between Security Monitoring and Vulnerability Management teams.
• Act as a key responder to security incidents, driving investigation, containment, and recovery activities.
• Assist in identifying, assessing, and tracking remediation of vulnerabilities across the organisation.
• Perform in-depth analysis of security alerts, logs, and telemetry from SIEM, EDR, and other security tools.
• Support scanning, reporting, and communication of vulnerability data to collaborators.
• Develop and refine detection logic to improve visibility and reduce false positives, using frameworks such as MITRE ATT&CK.
• Maintain and improve incident response playbooks, ensuring they reflect current threats and standard methodologies.
• Know the latest threat actor tactics, techniques, and procedures (TTPs) and apply them to improve defences.
• Find opportunities to automate repetitive tasks across security monitoring and vulnerability workflows.
• Promote a unified approach to cyber defence, avoiding siloed operations.
• Support initiatives that strengthen the organisation’s overall cyber resilience.

What you’ll need:

• Demonstrable experience in information security, with a focus on security operations.
• Proven track record in stakeholder and partner/vendor management and collaboration across various groups.
• Experience handling incidents and supporting complex investigations.
• Hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys).
• Confident in analysing logs from various sources such as endpoints, networks & cloud services.
• Ability to apply threat intelligence to enrich investigations.
• Good understanding of relevant threat actors, relevant frameworks and CVSS scoring
• Ability to script or automate tasks.
• Familiarity with infrastructure, cloud, and application security principles.
• Able to write reports and tailor them to a mixture of collaborators.
• While certifications are not a strict requirement, they can improve a candidate’s profile by demonstrating relevant expertise. Any recognised security certifications will be considered, with value placed on those that demonstrate expertise in core blue team disciplines, as well as vulnerability and risk management.

Why you’ll love working here: 

• Market-leading company with lots of potential
• Opportunity to take part in brand-new company projects
• Attractive salary and benefits at a stable and financially healthy company
• An organisation where you can commit to the long-term
• Working in the OneIT team with colleagues around the globe

How to apply: 

Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language. 

If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you – please feel free to get in touch with us at accommodations@gknautomotive.com (mailto:accommodations@gknautomotive.com) 

Deadline: 

The closing date will be July 25th

GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world’s car manufacturers. 

As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders help bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives to spark originality, imagination and creativeness in our teams around the world. 

GKN Automotive is an equal opportunity employer. We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. Please contact us to request any such accommodation. 

#li-bf1

#LI-hybrid