Senior Security Operations Analyst (Threat)

Hours: Closing Date: Thu, 28 Aug 2025

We are recruiting for a Senior Security Operations Analyst to join our Security team. If you enjoy working in a fast-paced and agile environment, helping inform key decisions on our security posture, analyzing, assessing, hunting threats, and have a curious and analytical mindset, this may be the job for you.

Not just another building society. Not just another job. We're the fourth biggest building society in the UK, and what makes us a bit different is that we're a mutual organization. We don't have shareholders; we're owned by our members.

Our colleagues say Skipton's a great place to work, and you could be one of them, bringing new ideas on how we can keep customers at the heart of what we do. Whatever your background and goals, we'll help you take the next step towards a better future.

You will be joining the Security function with over 20 people dedicated to securing our organization, split over various security disciplines. Working specifically within the Operational Security Team, you will work closely with our Managed Security Service Provider, supplementing this with your own capabilities such as threat analysis and hunting, supporting incident management processes, and maintaining our threat landscape.

Skipton values work/life balance and supports hybrid and flexible working, where possible. Our newly refurbished head office offers a vibrant and collaborative workspace. Benefits include:

• Annual discretionary bonus scheme
• 25 days standard annual leave + bank holidays + rising 1 day per year of service up to 30 days
• Holiday trading scheme
• Matching employer pension contribution (up to 10%)
• Colleague mortgage (conditions apply)
• Salary sacrifice scheme for hybrid & electric cars
• Training and development opportunities
• Private medical insurance
• 3 paid volunteering days per annum
• Diverse colleague networks including Carers and Pride Alliance
• Health and wellbeing initiatives like cycle to work and gym discounts

• Monitor escalated security alerts from MSSP and MDR services, assess and manage their progress, and work closely with our MSSP and MDR teams.
• Conduct in-depth analysis of security events to determine impact and severity.
• Correlate data from multiple sources to identify patterns and indicators of compromise (IOCs), using EDR and SIEM tools for proactive threat hunting.
• Support incident management, providing expertise.
• Maintain and implement processes, supporting documentation, and standards aligned with our policies.
• Maintain and update our threat landscape.
• Train and support junior analysts.

• Proficiency in incident handling, threat analysis, and security tools.
• Familiarity with network protocols, malware analysis, and log analysis.
• Knowledge of NIST and Mitre ATT&CK frameworks.
• Minimum of 2 years in a SOC environment.
• Experience with EDR tools (preferably Sophos).
• Experience with Threat Intelligence Platforms and analyzing threat feeds, IOCs, TTPs.
• Threat hunting experience in on-premise and cloud environments.
• Dark Web Monitoring experience.
• Ability to analyze large data sets, identify anomalies, and develop scripts or automate processes in Python or other languages.

• Relevant certifications such as CompTIA Security+, CEH, or GIAC (GCIH, GCIA, etc.).

• Strong communication, analytical, and teamwork skills.
• Excellent investigative skills, curiosity, and creativity.
• Self-motivated with a high sense of urgency and integrity.
• High ethical standards and values.