Cyber Security Operations Centre (SOC) Analyst

The IPS Headquarters (IPS HQ) plays an integral role in enabling the Command to secure the NCA. This role is part of the NCA's Cyber Security team, recruiting a SOC Analyst to join the newly established Security Operations Centre (SOC). The Analyst will work from the Agency's Birmingham office on a 24/7 shift pattern (4 days on, 4 days off).

• Monitor, prevent, detect and respond to security incidents across multiple security technologies (IDS, IPS, firewalls, endpoint security solutions, vulnerability management).
• Build effective working relationships with trusted partners to provide accurate threat identification.
• Assist in content development, analytics, and tuning SOC services to protect the Agency’s vulnerabilities.
• Support engineering tasks to ensure continuous availability of SOC services.
• Complete scheduling and reporting for SOC tasks, ensuring events and incidents are appropriately progressed.
• Assist with security, risk, compliance and service reporting and review.
• Assess and categorize events, and bring them to the Shift Lead for escalation to the Cyber Defence Team.
• Maintain SOC documentation, processes and procedures.
• Receive and act on calls, emails and alerts related to security events and potential incidents.
• Collaborate with other Security Teams (Cyber Defence, IA, Operational, Physical and Personnel) and adjacent commands to lower risk to data loss.
• Support senior management in delivering an effective and efficient departmental service.
• Develop and build internal and external partnerships to foster good relations and enhance SOC capabilities.

• Recognised degree in an IT related area (Cyber Security, Computer Science, Information Technology, etc.) or equivalent certifications from recognised bodies (GIAC, ISC2, BCS, ISACA, CompTIA).
• Demonstrable enthusiasm for Cyber Security, a high standard of accuracy and attention to detail, and desire to work as part of a team.
• Ability to confidently work with multiple security technologies, extract and interpret data, plan carefully, manage time effectively, and work collaboratively.
• Relevant experience and behaviours assessed through 250‑word examples covering enthusiasm for Cyber Security, attention to detail, and teamwork.
• Successful completion of DV STRAP clearance before commencing the roleli>

• Base salary of £36,057 with the NCA contributing £10,445 to a Civil Service Defined Benefit Pension scheme.
• 26 days annual leave (rising to 31 after 5 years), plus 8 bank holidays, with additional leave for new entrants from UK Police Forces or UKIC.
• Flexible working (flexi‑time, compressed hours, job sharing) where business requirements allow.
• Learning and Development opportunities, including GIAC courses (GFACT, GSEC, GSOC, GCIH) and Cyber Foundations.
• Interest‑free loans and advances (season tickets, childcare, rental deposits). Housing schemes – Key Worker status.
• Discounts and savings through Reward Gateway, Edenred and Blue Light Card schemes.
• Staff support groups/networks, sports and social activities, membership to the Civil Service Sports Council (CSSC).

• Role based in the Birmingham office; not available on a hybrid basis.
• Work pattern: 24/7 shift, primarily 4 days on and 4 days off; potential move to 12‑hour shifts.
• Applicants must meet the NCA (developed vetting) and the Civil Service Code.
• The Civil Service embraces diversity and promotes equal opportunities; disability confident scheme available.
• Successful candidates will receive a full vetting and pre‑employment checks before appointment.
• Security: Successful candidates must meet the development vetting requirements before appointment, and must complete baseline personnel security standard checks.