Enable job alerts via email!
OT SOC Analyst - Operational Technology
Morson Edge
United Kingdom
Hybrid
GBP 60,000 - 80,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading cybersecurity firm in the UK is seeking an experienced SOC Analyst to respond to high-severity cyber incidents. The role includes threat hunting, policy creation, and incident management in a hybrid work environment. Ideal candidates will have extensive SOC and CSIRT experience, particularly in critical infrastructure. A passion for cybersecurity and a proactive mindset are essential.
Qualifications
- Extensive experience in leading cyber incident responses.
- Strong background in SOC and CSIRT operations.
- Experience in CNI and defence environments.
Responsibilities
- Analyse intel and IOCs to find and remove threats.
- Create SOC policies and procedures.
- Manage high-severity incident responses.
- Develop automated workflows for detection.
- Perform forensic analysis and recommend actions.
- Participate in cyber-attack simulations.
- Enhance reporting dashboards and metrics.
Skills
Education
Outside IR35
Duration: 6 9 months
Location: Crawley, Hybrid 2 days per week on site
The role of an Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst is to respond to high–severity cyber security incidents and/or escalated events and alerts then, using experience combined with industry tools and techniques, expediate a containment, eradication and recovery strategy to minimise business impact and ensure UK Power Networks (UKPN) network systems and customer data are protected from cyber threats.
- Threat Hunting: Analyse intel and IOCs to find and remove hidden threats across UKPN's OT/IT environments.
- Policy: Create SOC policies, standards and procedures aligned with best practice.
- Logs: Ensure all logs feed into the SIEM and build use cases to detect anomalous activity.
- Incident Response: Lead high–severity incidents, improve playbooks and manage remediation, communication and reporting.
- SOAR: Develop automated workflows to streamline detection, enrichment and response.
- Forensics: Perform forensic analysis across multiple data sources and recommend containment and eradication actions.
- Crisis Testing: Take part in cyber–attack simulations to strengthen resilience.
- Reporting: Improve reporting dashboards and key security metrics.
- Tooling: Support and maintain security tools and platforms for threat prevention, detection and response.
- Audit: Support SOC2/NCSC CAF/ISO27001 audits and ensure compliance.
- Continuous Improvement: Automate and enhance monitoring, detection and response based on evolving threats.
Essential
- Extensive End to End Cyber Incident Leadership Experience
- Extensive SOC L3 / CSIRT L3 Experience
- Extensive CNI / Defence / Business Critical Environment Experience
Desirable
- Threat Hunting Experience
- Threat Hunting Strategy Mindset
- Runbook & Playbook Authoring
- Lessons Learned / Root Cause Analysis Leader
- Experience working with and enhancing security monitoring tooling
- Extensive IT/OT Systems Experience
- Extensive CNI & OT Environment Awareness
- Experience aligning with organisational requirements and contributing to audit readiness
- Desirable – Cyber and OT Certification
- MOD or similar
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
