POSITION DETAILS:
Position Title: Security Operations Analyst
Reports to (POSITION): Security Operations Lead
Team: Security Operations
Department: Systems Support
Grade (If Applicable): N/A

PURPOSE OF JOB: (OVERALL DESCRIPTION OF THE POST WITHIN THE TEAM AND ORGANISATION)
Monitor, detect, investigate, and respond to security incidents. Analyse security events and incidents, conduct investigations, and develop incident response plans. Stay updated on cybersecurity threats and conduct threat assessments. Administer security tools, maintain accurate incident documentation, and prepare reports. Collaborate with teams, share knowledge, and ensure compliance.

KEY RESPONSIBILITIES:
- Stay updated on cybersecurity threats and conduct threat assessments.
- Ensure that penetration and vulnerability testing is completed, and report recommendations/remediations to the infrastructure team accordingly, allowing us to maintain our accreditations.
- Respond to SIEM SOC issues and liaise with Bytes SOC.
- Act as subject-matter expert on all aspects of system security, including network, servers, workstations, cloud and data.
- Devise secure system solutions to support the needs of the business.
- Ensure that security is at the heart of all new systems; create/update documentation where appropriate, including architecture diagrams and designs.
- Provide pro-active advice and direction on security, including patching, firewall, vulnerabilities, cloud, data protection, etc.
- Ensure compliance with standards and regulations.

OPPORTUNITIES
- Join a rapidly growing business with scope for career development
- Help shape and steer which security solutions we use
- Exposure to the latest security technologies
- Assist with all aspects of internal projects from the security standpoint

WIDER TEAM NETWORK (WHICH TEAMS WILL THE POSITION WORK WITH DIRECTLY AND WHO WILL THEY RELATE TO EXTERNALLY)
Internal: All Bytes staff
External: Manufacturers, Suppliers, and third-party support companies

QUALIFICATIONS, EXPERIENCE, & SKILLS: (DELETE AS REQUIRED IF ESSENTIAL OR DESIRABLE, REMOVE UNNECESSARY REQUIREMENTS)

Essential Knowledge
- Proven experience in SOC or similar role
- In-depth knowledge of cybersecurity concepts and tools
- Experience with incident response and threat hunting
- Strong analytical and problem-solving skills
- Excellent communication skills
- Relevant certifications are a plus - NIST, ISO2700X, SOC2, GDPR
- Working in an ITIL/change managed environment
- Experience working with Tenable to run vulnerability assessments
ESSENTIAL OR DESIRABLE

Additional Knowledge
Experience working with/securing the following platforms/solutions:
- Operating Systems – Windows/Windows Server, Linux
- Cloud – Microsoft Azure
- Firewall – Checkpoint/pfSense, Cloudflare, NetScaler
- Email/Messaging – Microsoft Exchange/ExchangeOnline, Mimecast, Microsoft Teams
- Domain and e-mail configuration including DNS zones and DMARC/DKIM records
- Monitoring – DarkTrace
- Web – IIS secure configuration
ESSENTIAL OR DESIRABLE

Skills
- Ability to work under own initiative
- Ability to follow written and verbal instructions
- Ability to work to strict deadlines
- Ability to provide training to other team members, and other employees
- Ambitious and willing to work towards specialisation in corporate systems
- Excellent communication and interpersonal skills
- Good documentation skills including Visio drawings
- Previous experience in a security-based role
- Current valid driving licence
ESSENTIAL OR DESIRABLE

Qualities
- Articulate, literate, presentable, customer facing and technically astute
- Self-motivated, enthusiastic and willing to learn
- Punctuality and good time keeping are essential to this role
- Team player
- Commercial awareness
ESSENTIAL OR DESIRABLE

Training provision
- Necessary training on products and applications where required
- Bytes Software Services Ltd provide a full induction programme to assist in integration to the organisation.
- The individual will also be expected to attend training courses and take exams to assist with keeping up the business’ vendor accreditations.

ADDITIONAL INFORMATION
- Based at Bytes Software Services head office in Leatherhead.
- Occasional visits to other company offices may be required.
- Occasional out-of-hours work may be required.
- Response to security escalation by out-of-hours support.