Job Description: Cyber Security Incident Response Analyst
Primary Location: UK South - Reading (hybrid working)
Thales UK is seeking a skilled Cyber Security Analyst to join its CSOC Team, supporting both Thales UK operations and its customers. The successful candidate will possess strong technical expertise across enterprise security technologies — including SIEM, SOAR, EDR, and Threat Intelligence platforms — and a deep understanding of how to protect complex corporate environments against sophisticated adversaries. This role demands a proactive Analyst who can anticipate, detect, and respond to evolving cyber threats, contributing to Thales’ mission to safeguard critical information and systems.
Key Responsibilities:
1. Cyber security event analysis and investigation
2. Digital forensics investigation applying good practice guidelines
3. Manage escalated security incidents through the incident response process to closure
4. Identify and understand security log sources to support creation and improvement for alerting on abnormal activity and to minimise false positives
5. Employ analysis tools to identify data related to security incidents and root cause
6. Effectively communicate to appropriate escalation points
7. Research and advise on appropriate security counter-measures to reduce cyber risk
8. Apply appropriate urgency and action depending on data sensitivity
9. Participate in knowledge sharing and incident response exercises
10. Assess current cyber threat intelligence and security vulnerabilities, and define actions
Required Skills, Knowledge & Experience
11. Experience as a Cyber Security Analyst
12. Digital forensics tools, processes and good practice
13. Knowledge of and experience using SIEM tools
14. Familiar with methods for ethical security penetration testing
15. Familiar with the common compromise tools and techniques
16. IS and security process experience, including change and incident management
17. IS infrastructure, internet, networking, and computer knowledge
18. Systems administration
19. Collaboration tools and operating in a distributed team
Desirable Skills, Knowledge & Experience
20. Creation and maintenance of SOC processes and procedures
21. Experience implementing SOAR platforms and automation workflows.
22. Understanding of the MITRE ATT&CK framework and its practical application.
23. Relevant professional cyber security qualifications
24. Programming skills
25. Experience in intrusion detection and vulnerability analysis
26. Cyber security risk assessment
In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and/or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence required to apply for Baseline and Security Clearance please refer to the Defence Business Services National Security Vetting (DBS NSV) Agency.
At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working.
Thales UK is committed to providing an inclusive and barrier-free recruitment process. We will provide reasonable adjustments and support to ensure neuro-diverse applicants or those with a disability or long-term condition can be their best during the recruitment process. To request an adjustment, if you need this job advert in an alternative format, or if you have any questions about the recruitment process, please contact Resourcing Ops for mid to senior roles, or the Early Careers Team for graduate and apprentice roles.
Great journeys start here, apply now!