Enable job alerts via email!
OT SOC Analyst - Operational Technology
Morson Edge
Pulborough
Hybrid
GBP 60,000 - 85,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading technology service provider in the UK is seeking an experienced OT SOC Analyst to handle high-severity cyber security incidents. You will analyze threats, create SOC policies, lead incident response, and enhance security monitoring. The ideal candidate has extensive experience in leadership roles within critical environments. This position offers a hybrid work model with 2 days on-site in Crawley.
Responsibilities
- Analyze intel and IOCs to find threats across environments.
- Create SOC policies and procedures aligned with best practice.
- Ensure all logs feed into the SIEM and detect anomalous activity.
- Lead high-severity incidents, improving playbooks and manage remediation.
- Develop automated workflows to streamline response.
- Perform forensic analysis and recommend containment actions.
- Participate in cyber-attack simulations to strengthen resilience.
- Improve reporting dashboards and key security metrics.
- Support and maintain security tools and platforms.
- Support audits and ensure compliance.
- Automate and enhance detection and response.
Skills
Education
OT SOC Analyst (Operational Technology)
Outside IR35
Duration: 6 - 9 months
Location: Crawley, Hybrid 2 days per week on site
The role of an Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst is to respond to high‑severity cyber security incidents and/or escalated events and alerts then, using experience combined with industry tools and techniques, expedite a containment, eradication and recovery strategy to minimise business impact and ensure UK Power Networks (UKPN) network systems and customer data are protected from cyber threats.
- Threat Hunting: Analyse intel and IOCs to find and remove hidden threats across UKPN's OT/IT environments.
- Policy: Create SOC policies, standards and procedures aligned with best practice.
- Logs: Ensure all logs feed into the SIEM and build use cases to detect anomalous activity.
- Incident Response: Lead high‑severity incidents, improve playbooks and manage remediation, communication and reporting.
- SOAR: Develop automated workflows to streamline detection, enrichment and response.
- Forensics: Perform forensic analysis across multiple data sources and recommend containment and eradication actions.
- Crisis Testing: Take part in cyber‑attack simulations to strengthen resilience.
- Reporting: Improve reporting dashboards and key security metrics.
- Tooling: Support and maintain security tools and platforms for threat prevention, detection and response.
- Audit: Support SOC2/NCSC CAF/ISO27001 audits and ensure compliance.
- Continuous Improvement: Automate and enhance monitoring, detection and response based on evolving threats.
- Essential
- Extensive End to End Cyber Incident Leadership Experience
- Extensive SOC L3 / CSIRT L3 Experience
- Extensive CNI / Defence / Business Critical Environment Experience
- Desirable
- Threat Hunting Experience
- Threat Hunting Strategy Mindset
- Runbook & Playbook Authoring
- Lessons Learned / Root Cause Analysis Leader
- Experience working with and enhancing security monitoring tooling
- Extensive IT/OT Systems Experience
- Extensive CNI & OT Environment Awareness
- Experience aligning with organisational requirements and contributing to audit readiness
- Desirable - Cyber and OT Certification
MOD or similar
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
