About Cognita:
Founded in 2004, Cognita is a leading global schools group with 90 schools across 21 countries, united by a single purpose: empowering students to thrive in a rapidly evolving world. With 100,000 students and more than 22,000 dedicated colleagues across Asia, Europe, Latin America, the Middle East, and the United States, Cognita offers a truly global education experience. Our schools prioritise academic excellence and go beyond it - fostering resilience, adaptability, and a growth mindset to equip young people with the skills they need to succeed.
Technology & Innovation plays a critical role in enabling Cognita's strategy and long-term success by creating the conditions for schools to measurably thrive. Technology capabilities, platforms and tools shape the experiences of students, parents and employees, providing the secure, reliable foundations that enable forward-thinking education, passionate people, impactful leadership and high-performing operations across the Group. As we continue to grow, our cyber security maturity and resilience are key to protecting our communities, safeguarding sensitive data, and maintaining trust.
Cognita Schools now have an exciting opportunity for an experienced Senior Cyber Security Analyst join our fantastic team.
About the Role:
This role is part of Cognita's Cyber Defence function and reports to the Group Senior Manager, Cyber Security Operations. The Senior Cyber Security Analyst will strengthen the organisation's operational security capabilities across key areas such as detection engineering, incident response, vulnerability management, and secure configuration.
As a technical subject matter expert, the Senior Cyber Security Analyst will drive the optimisation and integration of Microsoft Sentinel, Microsoft Defender, and associated security technologies across the global estate. The role will also support the coordination and operational integration of vulnerability and threat management activities, including Microsoft Defender Vulnerability Management and external vulnerability scanning platforms.
The Senior Cyber Security Analyst will lead continuous enhancement of monitoring, detection, response and remediation processes, ensuring that security telemetry, vulnerability intelligence and threat insights are effectively integrated into operational security workflows.
Working closely with Group, Regional and school-based IT teams, the role will help ensure security tooling, controls and processes operate consistently across diverse and geographically dispersed environments. The position is also responsible for producing clear, actionable reporting that supports informed operational decision-making and strategic risk reduction across the organisation.
Key Responsibilities:
1. Detection Engineering & Automation
* Configure and optimise Microsoft Sentinel; integrate Microsoft and Google security tools.
* Develop and tune detection logic across Microsoft Defender and Google technologies.
* Build and maintain SOAR workflows (Logic Apps) for triage and response.
* Integrate security tools and improve monitoring coverage across environments.
* Maintain clear documentation for detections and workflows.
2. Incident Response & Management
* Lead end-to-end incident response (detection to recovery).
* Coordinate with cross-functional teams and provide stakeholder updates.
* Maintain and improve IR policies, procedures, and playbooks.
* Conduct post-incident reviews and drive continuous improvement.
3. Secure Configuration & Cloud Security
* Support secure configuration of Azure and cloud services.
* Maintain secure baselines across endpoints, servers, and Google Workspace.
* Configure Microsoft Defender policies and ensure alignment with standards.
* Promote secure-by-design practices with IT teams.
4. Threat & Vulnerability Management
* Support and improve vulnerability management processes.
* Assess vulnerabilities and drive remediation with stakeholders.
* Use threat intelligence to prioritise risks and improve defences.
* Track, report, and enhance cyber threat intelligence capabilities.
5. Collaboration & Security Culture
* Partner with global IT teams to support security operations.
* Act a