We are seeking a Security Operations Analyst to join our Cyber Security team and play a key role in protecting our organisation from evolving cyber threats. Working as part of a Security Operations Centre (SOC), you will monitor, detect, investigate, and respond to security incidents across our technology estate.
Hybrid role requiring 2 days per month onsite in Birmingham, with participation in a 1-in-6 on‑call rota working either 7:00am–3:30pm or 9:00am–5:30pm shifts.
Responsibilities
* Monitor and analyse security alerts from multiple tools, including Google SecOps, Microsoft Defender, and Forcepoint, escalating incidents where required
* Carry out initial and intermediate investigations to assess the severity, scope, and impact of security incidents
* Perform proactive threat hunting using telemetry and intelligence from SIEM, EDR, and threat intelligence feeds
* Use automation platforms such as Microsoft Power Automate, Python, or scripting tools to improve investigation and response workflows
* Assist in developing LLM‑based workflows to support security automation use cases including alert enrichment, triage, and documentation
* Support the configuration, monitoring, and continuous improvement of DLP policies across Microsoft Purview, email, and endpoint channels
* Contribute to the creation and maintenance of incident response playbooks, procedures, and documentation in line with best practice
* Work with asset owners to ensure the security tooling inventory remains accurate and effective
* Maintain high‑quality incident records and contribute to post‑incident reviews to drive continuous improvement
* Support wider cyber security initiatives to improve detection, visibility, and response across the organisation
Qualifications
* Strong foundational experience in security monitoring, incident response, or threat analysis within a SOC or similar environment
* Hands‑on experience with SIEM platforms, ideally Google SecOps (Chronicle) or equivalent
* Practical experience using automation tools such as Microsoft Power Automate, Python, or PowerShell
* Awareness of how Large Language Models can be applied in cyber security, including prompt design, data sanitisation, and responsible AI use
* Understanding of Data Loss Prevention principles, including policy creation, triage, and escalation
* Familiarity with the Microsoft Defender security ecosystem is highly desirable
* Strong analytical and problem‑solving skills, with attention to detail and a continuous improvement mindset
* Clear written and verbal communication skills, with the ability to document incidents and collaborate with technical and non‑technical teams
* Relevant certifications such as CompTIA Security+, Microsoft SC-200, or similar are beneficial but not essential
Benefits
* Wellbeing that means something
  * 26 days' holiday + bank holidays (and the option to buy more) plus 1 paid volunteering day every year
  * Exceptional family leave: 26 weeks fully paid maternity/adoption, 4 weeks fully paid paternity, 22 weeks fully paid shared parental leave, plus 5 days paid bereavement leave
  * Robust sick pay of up to 13 weeks full pay + 13 weeks half pay
  * 24/7 Employee Assistance Programme for confidential support
  * Private medical insurance for everyone, no medical-history exclusions
* Financial Benefits That Have Your Back
  * Performance-based rewards tailored to your role, from company-wide bonuses to OTE and commission structures
  * Income protection: up to 75% salary for 5 years if you ever need it
* Grow your career with us
  * SkillsHub learning platform with leadership pathways, future‑manager training, and a huge online library
  * Access to external training and apprenticeships
* Making a Difference
  * MatchIt!: fundraise for a cause close to your heart and OneAdvanced will match part of the funding
  * Pennies from Heaven: donate the pennies from your pay cheque to help make a difference without lifting a finger
* ULEV car scheme with 1,000+ models
* Dental insurance, Health Cash Plan, Critical Illness Cover, Partner Life Cover