About The Role
The National Energy System Operator is embarking on the creation of a greenfield Cyber Security Operations function and is looking for a talented Threat Hunting and Detection Engineering (THaDE) Senior Analyst to be part of our growing THaDE team. This exciting opportunity will involve designing, shaping, and building novel detection strategies, executing threat hunting initiatives, and assisting in the creation of mature response frameworks. The role will also involve the creation of SOAR automations, bringing them through from concept to operational deployment. The Threat Hunting and Detection Engineering Senior Analyst will work in collaboration with the wider Cyber Security Operations function to ensure a high level of cyber defence maturity, ensuring the security of the systems that govern the flow of energy around the United Kingdom. This role can be based from Wokingham or Warwick and we continue to offer hybrid working from office and home. We are open to full time and part time applicants, as well as flexible working arrangements.
Key Accountabilities
* Create novel detection content by utilising threat modelling and coverage gap analysis.
* Create novel SOAR automation strategies.
* Conduct proactive threat hunting following defined threat hunting frameworks, creating actionable output to feed to key stakeholders.
* Create response documentation to assist the SOC in the triaging of incidents generated by the THaDE team’s detections.
* Ensure continuous improvement of the THaDE detection content library by conducting proactive tuning and logic updates.
* Support the Cyber Security Operations Centre (CSOC) team in incident escalations where needed.
* Through the THaDE Manager, provide regular reports and metrics on the threat hunting and detection engineering activities and outcomes.
About You
* Passionate about threat hunting.
* Experience designing novel detection mechanisms.
* Solid experience using SIEM and EDR technologies.
* Strong communicator with excellent writing skills.
Qualifications
* Relevant degree-level qualification or equivalent experience with a strong background in providing threat hunting services in a large hybrid environment, within a government or critical infrastructure domain.
* Demonstrable experience in threat hunting, content development, security engineering, and operations.
At NESO, we are committed to building a diverse, inclusive, and authentic workplace for everyone. If you’re excited about this role but your experience or qualifications don’t match exactly, we encourage you to apply anyway.
National Security Vetting
This role requires a National Security Vetting (NSV) clearance. The level of clearance is Security Check (SC). Applicants should have been resident in the UK for the last five years, though we invite expressions of interest from those who do not currently meet this residency requirement.
What You’ll Get
A competitive salary of £49,000 - £57,000 depending on experience and capability. In addition to your base salary, NESO’s core benefits include: a bonus based on company performance; 26 days annual leave as standard; a competitive contributory pension scheme where we will double match your contribution up to 12%; and annual enrollment in the NESO Savings Plan, where we match 50% of your savings between £20-£500 a month.
Benefits
* Flexible Bank Holidays & Holiday Trading
* Additional Birthday Day Off
* Cycle to Work Scheme, Retail & Gym Discounts
* Private Medical Insurance, Critical Illness Insurance & Personal Accident Insurance
About Us
At the National Energy System Operator (NESO), we play a vital role in tackling climate change and securing Great Britain's energy future. We already operate the world's fastest decarbonising electricity system and are working towards our ambition to run it carbon‑free for a short period this year – provided the market supplies electricity exclusively from renewable sources. Alongside this, we provide expert advice to government on how to deliver a clean power system by 2030. In autumn 2024, the Electricity System Operator (ESO) transitioned to become NESO – an independent, expert public corporation with a whole‑system view across electricity, gas, and hydrogen. NESO operates independently and transparently, always acting in the best interests of all energy users. Licensed and regulated by Ofgem, we make impartial decisions that balance sustainability, affordability and security. Our organisation is fully independent from government, the regulator and all commercial interests, with a clear focus on system‑wide benefit, long‑term vision and public value. The time to deliver is now. Join the energy transformation and help shape the future. Your energy. Our future. Together.
More Information
This role closes at 23:59 on the day before the date shown above. We encourage candidates to submit their applications as early as possible. We are committed to a fair, inclusive recruitment process and welcome applicants with diverse experiences and backgrounds.