Knight Frank logo

Security and Privacy Operations Analyst

Knight Frank
3 hours ago
Full-time
On-site
London, England, United Kingdom
Analyst

Who are we

Founded in 1896, Knight Frank was registered as Knight Frank LLP a Limited Liability Partnership, on 3 November 2003, registered in England & Wales at 55 Baker Street, London, W1U 8AN with the registered number of OC305934. Headquartered in London, UK, Knight Frank is one of the world's leading independent real estate consultancies. We work responsibly in partnership to enhance people's lives and environments in over 50 Markets, 600+ Offices, 20,000+ People, 1 Global Network.

At the heart of all we do are our Clients. A relationship built on trust is vital. As trusted partners in property, we act with integrity and care, understanding our clients’ unique needs and consistently thinking about the bigger picture to provide personalised, clear and considered advice across all areas of property. Through our deep understanding of key markets and sectors – both emerging and established – we are dedicated to meeting and exceeding their property goals.

A true partnership is a balanced one, and our People are passionate about, and committed to, making our business inclusive and diverse. We give every individual the space and opportunity to perform at their best and be recognised for the immense value they bring. We empower everyone to have autonomy in their role and encourage them to use their voice in how we can make a positive impact as a firm and shape the future of real estate, the built environment and the impact on the communities we serve. Our collaborative and engaged teams provide excellent and dedicated client service. In our workplace, opinions are respected, everyone is invited to contribute to the success of our business and innovation, and new ideas are celebrated.

In 2021 we celebrated our 125th anniversary and set out Our Desired Future, cemented in three pillars: People Potential, Client Centricity and always Creating our Future, together. Learn more about what sets us apart here.

About The Role

Role Overview

Information Security is responsible for the stability, maturity, and continuous improvement of the firm’s operational security and privacy controls. This includes leading the monitoring, detection, response, and management of cyber and data‑related risks while ensuring compliance with UK GDPR, industry standards (ISO27001), and client expectations.

This role plays a key role in the operational management of security and privacy risk across the firm’s technology environment.  Working with third party service providers, it ensures the effective operation of threat detection, incident response, data protection controls, and operational workflows supporting UK GDPR compliance.

This is a hands‑on technical role requiring strong analytical skills, attention to detail, and a proactive mindset. The ideal candidate will have practical experience with Microsoft security and compliance technologies, an interest in learning advanced detection and automation techniques, and a desire to contribute to a growing, high‑performing security operations capability.

Key Responsibilities

  • Monitor security event identification via the third-party security operations service.

  • Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.

  • Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.

  • Contribute to threat hunting activities using KQL queries and intelligence-led techniques.

  • Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.

  • Facilitate security testing and awareness through threat simulations.

  • Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).

  • Conduct data discovery and collection across systems, ensuring completeness and accuracy.

  • Support DPIA processes through data mapping, evidence gathering, and risk assessment input.

  • Help maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows.

  • Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps).

  • Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews.

  • Support vulnerability management by tracking remediation, validating fixes, and assisting with reporting.

  • Gather and analyse data to help identify trends, gaps, and areas for control improvement.

  • Assist with periodic control reviews, audits, and compliance checks as required.

  • Prepare operational reports, dashboards, and metrics for the Team Lead and wider stakeholders.

  • Develop and maintain playbooks, runbooks, and procedural documentation.

  • Contribute to continuous improvement activities, including identifying opportunities to streamline operations.

  • Ensure all actions adhere to internal policies, regulatory requirements, and industry best practice.

Qualifications & Experience

Essential

  • 3+ years’ experience working in a security operations, IT security, privacy operations, or related technical role.

  • Familiarity with:

    • Microsoft Defender XDR

    • Microsoft Sentinel (SIEM/SOAR)

    • Privacy Management Solutions (e.g. Purview, OneTrust)

  • Basic understanding of key cybersecurity and privacy concepts, such as:

    • Threat detection and analysis

    • Incident response lifecycle

    • Vulnerability and exposure management

    • Data privacy principles and data subject rights

  • Experience analysing logs, alerts, or data from security tools

  • Strong documentation, investigation, and analytical skills.

Desirable

  • Hands‑on experience writing KQL queries, PowerShell, or CLI commands.

  • Exposure to automation or playbooks (Logic Apps, Defender workflows).

  • Knowledge of frameworks such as MITRE ATT&CK or NIST CSF.

  • Relevant certifications such as:

    • SC‑900, SC‑200 (or working toward), AZ‑900, AZ‑500

    • CISSP, CIPP/E, CompTIA Security+

    • Foundation‑level data privacy certifications (e.g., BCS Certificate in Data Protection)

Key Skills and Attributes

  • Strong problem‑solving ability and attention to detail.

  • Curious and proactive mindset with willingness to learn.

  • Effective communicator able to document findings clearly and concisely.

  • Highly organised and able to manage multiple tasks with competing priorities.

  • Collaborative team player with a commitment to continuous improvement.

Ability to work with sensitive data responsibly and confidentially.

Role Overview

Information Security is responsible for the stability, maturity, and continuous improvement of the firm’s operational security and privacy controls. This includes leading the monitoring, detection, response, and management of cyber and data‑related risks while ensuring compliance with UK GDPR, industry standards (ISO27001), and client expectations.

This role plays a key role in the operational management of security and privacy risk across the firm’s technology environment.  Working with third party service providers, it ensures the effective operation of threat detection, incident response, data protection controls, and operational workflows supporting UK GDPR compliance.

This is a hands‑on technical role requiring strong analytical skills, attention to detail, and a proactive mindset. The ideal candidate will have practical experience with Microsoft security and compliance technologies, an interest in learning advanced detection and automation techniques, and a desire to contribute to a growing, high‑performing security operations capability.

Key Responsibilities

  • Monitor security event identification via the third-party security operations service.

  • Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.

  • Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.

  • Contribute to threat hunting activities using KQL queries and intelligence-led techniques.

  • Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.

  • Facilitate security testing and awareness through threat simulations.

  • Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).

  • Conduct data discovery and collection across systems, ensuring completeness and accuracy.

  • Support DPIA processes through data mapping, evidence gathering, and risk assessment input.

  • Help maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows.

  • Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps).

  • Verifying compliance with expected practice in the operation of technology services, including security baseline and access right reviews.

  • Support vulnerability management by tracking remediation, validating fixes, and assisting with reporting.

  • Gather and analyse data to help identify trends, gaps, and areas for control improvement.

  • Assist with periodic control reviews, audits, and compliance checks as required.

  • Prepare operational reports, dashboards, and metrics for the Team Lead and wider stakeholders.

  • Develop and maintain playbooks, runbooks, and procedural documentation.

  • Contribute to continuous improvement activities, including identifying opportunities to streamline operations.

  • Ensure all actions adhere to internal policies, regulatory requirements, and industry best practice.

Qualifications & Experience

Essential

  • 3+ years’ experience working in a security operations, IT security, privacy operations, or related technical role.

  • Familiarity with:

    • Microsoft Defender XDR

    • Microsoft Sentinel (SIEM/SOAR)

    • Privacy Management Solutions (e.g. Purview, OneTrust)

  • Basic understanding of key cybersecurity and privacy concepts, such as:

    • Threat detection and analysis

    • Incident response lifecycle

    • Vulnerability and exposure management

    • Data privacy principles and data subject rights

  • Experience analysing logs, alerts, or data from security tools.

  • Strong documentation, investigation, and analytical skills.

Desirable

  • Hands‑on experience writing KQL queries, PowerShell, or CLI commands.

  • Exposure to automation or playbooks (Logic Apps, Defender workflows).

  • Knowledge of frameworks such as MITRE ATT&CK or NIST CSF.

  • Relevant certifications such as:

    • SC‑900, SC‑200 (or working toward), AZ‑900, AZ‑500

    • CISSP, CIPP/E, CompTIA Security+

    • Foundation‑level data privacy certifications (e.g., BCS Certificate in Data Protection)

Key Skills and Attributes

  • Strong problem‑solving ability and attention to detail.

  • Curious and proactive mindset with willingness to learn.

  • Effective communicator able to document findings clearly and concisely.

  • Highly organised and able to manage multiple tasks with competing priorities.

  • Collaborative team player with a commitment to continuous improvement.

  • Ability to work with sensitive data responsibly and confidentially.

Competitive salary

Please note: this is a Direct Search led by Knight Frank. Applications from recruitment agencies will not be accepted nor will fees be paid for unsolicited CVs, even if provided by PSL agencies.