Join to apply for the Security Operation Centre (SOC) Analyst role at Civil Aviation Authority
Salary and Benefits
Salary: £37,000 to £40,279 – (dependent on experience)
Contract Type: Permanent – Full time
Location: Gatwick – Hybrid
Closing Date: Sunday 12th October 2025
Interview Date: w/c 27th October 2025
Visa Restrictions: This position does not offer visa sponsorship.
This is the UK’s aviation and aerospace regulator role with broad responsibilities to support safety standards in a constantly evolving environment.
The Role
With the establishment of a dedicated Security Operations Centre (SOC) at the CAA in early 2026, this role supports a transformative phase in cyber defence. SOC Analysts monitor, triage, and investigate security events that could impact the CAA’s operations, systems, or data. The role operates within an in-house SOC, focusing on first and second-line defence activities and contributing to continuous improvement of security monitoring and response capabilities.
The SOC Analyst works as part of a team, handling investigations with autonomy and good judgment. This is an opportunity to develop technical depth within a fast-moving, maturing security function.
Responsibilities
* Monitor security events, triage alerts, investigate incidents, and determine appropriate actions
* Support first and second-line defence activities within the SOC
* Contribute to continuous improvement of security monitoring and response capabilities
* Collaborate with IT, network, and application teams during investigations
Qualifications and Experience
Minimum essential requirements:
* Experience in a SOC, threat detection, or security operations environment
* Working knowledge of SIEM and EDR platforms (especially Microsoft Sentinel and Defender)
* Understanding of Windows, Active Directory, and basic networking concepts
* Familiarity with the incident response process and evidence handling
* Analytical mindset and strong attention to detail to identify indicators of compromise (IOCs)
* Ability to work under pressure and manage multiple investigations
* CompTIA Security+ certification or equivalent foundational knowledge
* Strong communication and collaboration skills to work with IT, network, and application teams during investigations
Desirable skills:
* Experience using KQL (Kusto Query Language) for writing or modifying queries in Microsoft Sentinel
* Exposure to PowerShell, Logic Apps, or scripting languages for automation and investigations
* Understanding of MITRE ATT&CK or other threat models
* Knowledge of threat intelligence concepts and IOCs
* Experience with cloud environments, particularly Microsoft Azure
* Relevant certifications (e.g. SC-200, CySA+, or equivalent)
Additional Information
For many appointments within the CAA, these roles require access to operationally sensitive infrastructure and/or Nationally Protected information. Post holders must undergo National Security Vetting and achieve the appropriate level of clearance.
SC - To be vetted we will usually expect a reasonable period of residency in the UK; for this role this will need to be 5 years.
If you do not meet these requirements, we may not be able to accept your application. For more information on CTC and SC clearance please visit Vetting explained - GOV.UK (www.gov.uk).
The CAA values high ethical standards and personal integrity. If invited for interview you will be asked to complete a declaration of interest.
Relocation & Benefits
The CAA will relocate from Aviation House (our Gatwick office) to new premises in a few years. The move is driven by strategic, operational and environmental considerations. The new location will be within a 15-mile radius of Aviation House to minimise disruption. We do not expect to move before 2028.
Inclusivity
We are proud to be an equal opportunity employer and celebrate diversity. As a member of the Disability Confident scheme, applicants who meet the minimum criteria will be guaranteed an interview.
Benefits
* Flexible & hybrid working arrangements available
* 28 days annual leave + public holidays (additional 5 days leave purchase)
* Genrous pension scheme (Up to 12% employer contribution)
* Wellbeing Room at Gatwick
* Mental Health and Suicide First Aiders
* Employee Assistance Programme, talking therapies and neurodiversity support
* Free onsite gym at Gatwick or discounted gym membership for London
* EV charging points
* Employee Development courses internally and via Skillsoft
Our Values
Do The Right Thing, Never Stop Learning, Build Collaborative Relationships, Respect Everyone.
We reserve the right to close this vacancy early if we receive sufficient applications. Therefore, please submit your application as early as possible. No recruitment agencies please.
#J-18808-Ljbffr