Senior Security Operations Centre Analyst

Posted: 13 Nov 2019 Closes: 12 Jan 2020
London £38367 - £43629 per annum, Benefits: Civil Service Pension
Permanent & Full-time 25247-233262700

Location
Bristol or Reading are the preferred locations for this role. Defra's Security Operations Centre is based in Reading; you will be expected to travel to Bristol and/or London on a regular basis. Some UK-wide travel may be necessary from time to time. Other locations considered.

About the job
Summary
Defra is the UK government department responsible for safeguarding our natural environment, supporting our world-leading food and farming industry, and sustaining a thriving rural economy. Our broad remit means we play a major role in people's day-to-day life, from the food we eat, and the air we breathe, to the water we drink.

Our Digital Data and Technology Services (DDTS) Function is currently undertaking a once-in-a-generation transformation, as the UK moves towards exiting the EU. We are currently recruiting for a Senior Security Operations Centre Analyst. This is an exciting time to join Defra as we continue to transform our technology and pursue our goal of providing world-class IT services.

Job description
The Defra Security Operations Centre team welcomes applicants with experience of working in a Security Operations Centre, as well as applicants from other technological backgrounds who may wish to move into this field. Please note that applicants must demonstrate transferable technical skills to reach interview. As Senior Security Operations Centre Analyst you will work within Defra’s recently formed Cyber Security Operations Centre. You will be responsible for the day-to-day organisation of incidents assigned to the Cyber Security Operations Centre whilst also supporting and coaching other staff.

As part of an overall security improvement plan, Defra is transforming its IT security process and approach in line with our new multi-supplier IT operating model. Using a wide range of tools you will focus primarily on cloud security & application security. Your portfolio will expand as the range of services which are protectively monitored by Defra’s Cyber Security Operations Centre increases, as the Security Function matures.

Responsibilities
The Senior SOC Analyst will have the following responsibilities:
• Oversee a small team of Security Operations Centre Analysts and apprentices who will be on a temporary rotation with the Defra Cyber Security Operations Centre.

• Administer the day-to-day management of tickets assigned to the Security Operations Centre and assign them to appropriate resolver groups using Defra’s Information Technology Service Management (ITSM) tool.

• Ensure daily checks are performed using protective monitoring tooling such as our SIEM tool, Azure Security Centre, Sentinel and Cloud Application Security.

• Create, enhance, and take ownership of knowledge articles for other resolver groups across the Defra estate.

• Produce, and improve upon existing, SOC work instructions (or ‘runbooks’), proactively identifying where improvements can be made, and determine when new work instructions are required.

• Collaborate with the Cyber Security Operations Centre Management Team to facilitate recovery from security breaches, actively participating in investigations and remediation of security incidents and lessons learned.

• Participate in service acceptance of protective monitoring projects as they are delivered into business as usual.

• Coach, develop, mentor, and support your team on a daily basis.

• Support development of the training and development strategy for the Cyber Security Operations Centre.

• Support the Security Operations Centre manager in the event of a major cyber security incident. This could be attending bridge calls or providing analysis to support critical decisions.

• Provide metrics and graphical representations that feed into the wider Cyber Security Operations Centre suite of reporting.

• Assist with ‘deep-dive’ investigations to determine if systems or data have been breached.

• Feed into Continual Service Improvement for the Cyber Security Operations Centre, proactively seeking service and process improvements and implementing them.

• Identify, manage and mitigate risks by applying appropriate controls, which are the responsibility of the Cyber Security Operations Centre, to protect the organisation’s systems and data.

Person specification
To be successful in this role you will need:

• The capability to explain complex technical information to management and other non-technical staff using plain English in a way that is clearly understood.

• Experience of leadership in an IT technical environment, ideally with SOC analyst experience.

• To be a self-starter who is keen to learn about new and emerging technologies and cyber threats and how those threats may apply to Defra.

Qualifications
Please detail the following in your CV.

Essential:
• An industry recognised IT qualification.
• Relevant experience in an IT technical role.

DISCLAIMER - **BY CLICKING APPLY YOU ARE REGISTERING YOUR INTEREST IN THE VACANCY ONLY. YOU MAY BE CONTACTED BY ONE OF OUR DEDICATED RECRUITMENT TEAM. ALL FORMAL APPLICATIONS WILL NEED TO BE SUBMITTED VIA CIVIL SERVICE JOBS**