Length of employment: Job Summary: The Ministry of Defence employs over 50,000 Civil Servants. Within that, the Army Top Level Budget (TLB) employs around 12,000 MOD Civil Servants located at over 300 locations. Ours is a diverse workforce, with roles ranging from trainers, human resources, teachers, and psychologists to storekeepers, financiers, project and programme managers, and policy secretariat staff. There are many different functions and professions delivering key outputs for the Army. Step into the future of warfare with the Information Directorate, where data drives decisions and digital dominance defines victory. We lead in strategic data management, intelligence, and cutting-edge technology, delivering the tools that give the Army a decisive edge on the modern battlefield. As part of our civil servant team, you'll be at the forefront of information warfare, countering disinformation, safeguarding critical data, and ensuring information integrity in a rapidly evolving digital battlespace. You'll work with state-of-the-art tools, including AI, advanced analytics, and next-gen tech, helping the Army outthink, outmanoeuvre, and outpace its adversaries. In the Information Directorate, you'll turn that vision into reality. From strengthening cyber resilience to driving digital transformation on the front lines, your expertise will shape the Army's future. You'll collaborate with a diverse network of experts, deploying innovative strategies to maintain the Army's dominance in an increasingly contested information environment. This is more than a job-it's your chance to redefine digital defence, push the boundaries of innovation, and directly contribute to the Army's lethality and operational effectiveness. Join us. Shape the future. Strengthen the force. This position is advertised at 37 hours per week. Job Description: The Army Digital Services (ADS) organisation is part of the Chief Technology Office (CTO) pillar which is part of the Directorate of Information within Army Headquarters Andover. ADS is the Army's supplier of choice for the design, development and support of applications and services to provide digital enablement of the Army's processes. It therefore supports the Army's ambitious and innovative modernisation and transformation agenda. The ADS Security Operations Centre (SOC) provides real time protective monitoring of the Army Hosting Environment (AHE). The role of a Security Operations Centre Analyst is to monitor, collect and analyse security event data arising from activity across the organisation, tune and improve rules generating security alerts, and follow up by investigating indicators of potentially malicious activity, escalating incidents or initiating responses. The role will provide an excellent opportunity to develop strong behaviours, as well as develop and improve system security professional skills in a challenging environment. Working as part of the Army Digital Services (ADS) Security team, you will have the opportunity to work with other security professionals across the Army and Defence to ensure the successful implementation of new technology and ways of working. The successful candidate will Provide Protective Monitoring, Create Content for Security Signature; Threat Hunt, and be Proficient in Incident Escalation. Monitor, triage and investigate security alerts on protective monitoring platforms to identify security incidents and perform analysis of security event data to support the response, reporting or escalating where appropriate. Your specific responsibilities will include: Ensure that the SOC's controls, policies, and procedures are followed and effectively adhered to SOC Cyber Security Analyst: Ensure Security Incident Event Management (SIEM) is carried out to agreed policy and processes Support shift analysts with Level 1 triage of events & alerts across Security Information & Event Management (SIEM) tools and associated products Where required; carry out additional investigation, supporting escalation of incidents to Level 2 analysts & additional resolver teams Assist in end-to-end management of open security incidents, engaging with L2s and resolver groups to ensure accuracy and timely resolutions Support internal processes for alert tuning and maintenance of SOC tooling Support processes for SIEM content development in line with above. Cyber Security Professional: Build knowledge of common security frameworks such as MITRE ATT&CK, Cyber Kill chains, NIST etc to assist SOC maturation Maintain knowledge on emerging Tactics Threats and Procedures (TTP's) to the environment, feeding actionable information into the team. Carry out proactive threat hunting within SIEM logs using additional tools to facilitate. SOC Administration: Carry out Daily, weekly, monthly and ad-hoc tasks as defined by SOC Manager. Contribute to the effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions Deliver AHE SOC Specific projects Contribute to the long-term SOC strategy and planning, including initiatives geared toward operational excellence Employ Constant Service Improvement (CSI) culture Contribute towards ongoing development of internal and business wide processes, procedures and knowledgebase Incident escalation management SOC Documentation: Ensure correct information Security standards are maintained on SharePoint and associated SOC information repositories. Support to SOC manager: Attend meetings and represent SOC Manager Assist with scheduled & ad-hoc SOC reporting outputs as directed by management. Deliver SOC awareness and security information. Act as a point of contact, for SOC Communications The Army prides itself on being a supportive employer and where possible encourages flexible working, helping you to maintain a great work/life balance. Other benefits for Army civil servants include: 25 days paid annual leave rising (1 day per year) to 30 days upon completion of 5 years' service Highly competitive pension scheme Personal and professional development of skills Alternative working patterns for many roles Access to the Employee Assistance Programme (EAP), a free service that assists you with achieving a productive, healthy environment that is conducive to a healthy lifestyle Enhanced parental and adoption leave 6 days special leave per year which can be used for volunteering activities Learning and Development We believe that everyone has the potential to make a difference and you will be supported to help you learn and advance in your career. This includes working towards membership of a professional body and/or undertaking a modern apprenticeship as part of your role. A modern apprenticeship is a combined package of work and training. Through the schemes available you will gain a professional qualification, practical experience, and the broader skills required to develop in your current role and pave the way for your future career. The post does not offer relocation expenses. External recruits who join the MOD who are new to the Civil Service will be subject to a six-month probation period. Please Note: Expenses incurred for travel to interviews will not be reimbursed. Please be advised that the Department is conducting a review of all pay related allowances which could impact on those allowances that the post currently being advertised attracts. Any move to MOD from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax-Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk/. The Ministry of Defence is committed to providing a safe and healthy working environment for its staff which includes educating them on the benefits of not smoking, protecting them from the harmful effects of second-hand smoke and supporting those who want to give up smoking. Under the Smoke-Free Working Environment policy, Smoking and the use of all tobacco products (including combustible and chewing tobacco products) will not be permitted anywhere in the Defence working environment however some exemptions are in place, please refer to local guidance. The policy is Whole Force and includes all Defence personnel, contractors, visitors and other non-MOD personnel. All applicants seeking, considering, or accepting employment with the Ministry of Defence should be aware of this policy and that it is already in place at a number of Defence Establishments. MOD Recruitment Satisfaction Survey - We may contact you regarding your experience to help us improve our customer satisfaction. The survey is voluntary and anonymous. You may however be given the opportunity to provide additional information to help us improve our service which includes the collection of some personal data as defined by the United Kingdom General Data Protection Regulation (UK GDPR). The MOD Privacy Policy Notice sets out how we will use your personal data and your rights. We are looking for enthusiastic individuals who can handle the pressure of coordinating a wide range of activities and should be comfortable working with Tri-service customers, willing to challenge established norms and process and be prepared to adapt to changing priorities. Applicants should also have effective written and verbal communication skills and display a positive and professional attitude. Essential: Understanding of Information and cyber security A good understanding of Network and Server technologies, Networking, Protocols, configuration etc A good understanding of Cyber and network security, Malware, Operating System (OS) vulnerabilities, Security mitigation options and Security best practise Desirable: ITIL v3/v4 or latest SFIA level Information Security (SCTY) SFIA Security Administration (SCAD) SFIA Information Assurance (INAS) A Cyber security related qualification for example, Certified Information Systems Security Professional (CISSP). CISM, At application you will be asked to provide a CV. You will also be assessed against the following behaviours - Managing a Quality Service (lead behaviour) Seeing the Bigger Picture Applications will be sifted using all elements listed above, but in the event of a high number of applications, a sift will be conducted on the CV and lead behaviour only: Managing a Quality Service. At interview you will be assessed against the following behaviours - Delivering at Pace Making Effective Decisions You will also be asked experience based questions. Application sifting will be scheduled to take place within 7 days of the application closing date. Interview dates are to be confirmed but these will be held in person at Army Headquarters, Andover. We endeavour to keep to these time frames, but these are subject to change around business needs. The Civil Service embraces diversity and promotes equality of opportunity. There is a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. If you need to advise us that you need additional help or reasonable adjustments for the recruitment process, please contact:. As a result of the changes to the UK immigration rules which came in to effect on 1 January 2021, the Ministry of Defence will only offer sponsorship for a skilled worker visa under the points based system, where a role has been deemed to be business critical. This role does not meet that category and we will not sponsor a visa. It is therefore NOT open to applications from those who will require sponsorship under the points based system. Should you apply for this role and be found to require sponsorship, your application will be rejected and any provisional offer of employment withdrawn.