SOC Analyst

SOC Analyst

Job Title : SOC Analyst

Location : Reading, United Kingdom (Hybrid - 1-2 days / week)

Job Type : Contract Inside IR35

Client : Wipro

As an OT Senior Cyber Security Analyst, you will be responsible for maintaining SecOps (Security Operations) solutions, controls and processes across the organisation. You will be mentoring and assisting with leading the SOC team to ensure appropriate prioritisation and remediation of OT alerts and incidents.

This role requires a deep understanding of SecOps concepts, technologies and best practices across IT and OT environments, as well as the ability to collaborate effectively with cross-functional teams. The ideal candidate will possess strong communication and incident management skills and will be committed to ensuring the highest level of security, compliance, and user experience.

• Investigate security alerts from our SIEM tool and 3rd party MSSPs, and provide appropriate incident response actions.
• Liaise with technology and business stakeholders in relation to cyber security issues / incidents, providing clear descriptions and actions.
• Support the Cyber Security Operations Lead for security and privacy incidents, triaging events and performing root cause analysis.
• Act as the key contact and escalation point for the SOC and Thames Water Digital teams.
• Support out-of-hours incident investigations via an On-Call rota, covering 24 7 365 alongside our 3rd party MSSP.
• Monitor, analyse and optimise SecOps tool performance (e.g. SIEM, PAM), identify potential issues, and implement proactive solutions.
• Develop and maintain SecOps documentation, policies, and procedures.
• Collaborate with stakeholders to understand business requirements and implement proportionate security controls.
• Maintain cyber security solutions within existing systems, applications, and infrastructure.
• Evaluate and recommend technologies, tools, and vendors.
• Perform proactive threat hunting for new and emerging threats.
• Specialise in Operational Technology systems, defining monitoring alerts and ensuring effective security controls.
• Collect data to support cyber security compliance metric dashboards.
• Support compliance with standards and regulations (e.g. GDPR, NIS, ISO 27001).
• Stay current on industry trends, emerging technologies, and best practices.
• Contextualize OT specific threats (Understand the Operational Technology estate, specific OT threats and existing controls / mitigations; Use tools like Claroty to assess network traffic and OT hardware limitations without disrupting operations; Understand OT specific architecture frameworks; Reduce risks by applying contextual understanding of OT environments; Build relationships with Operations and the OT team to assess operational and cyber risk).
• Maintain Security Operations (Maintain security operations processes, including continuous improvement).
• Familiarity with Microsoft security tools (e.g. Sentinel), and others like SOAR, EDR / XDR, IDAM).
• Demonstrate reduced repetitive alerts and improved incident response efficiency through metrics.
• Proactive Risk Remediation (Use a risk-based approach to evaluate and improve security controls; Perform threat hunting and support the delivery of new controls; Provide metrics that show tangible risk reduction and lowered technical debt).
• Incident Readiness Response (Lead incident triage, management, and response; Prepare the business for cyber incidents (e.g. ransomware) and execute structured responses; Educate the business on incident readiness and ensure all staff can identify and report incidents).
• Continuous Improvement (Continuously improve SecOps processes to increase efficiency and enable more proactive activities; Use automation where possible; Track improvements via operational metrics / KPIs / dashboards).

• Strong analytical and problem-solving abilities
• Some hands‑on exposure to cyber security concepts and principles
• Experience with third‑party delivery partners and MSSPs
• Decision making and judgement
• Ability to innovate technical solutions
• Excellent planning and organising capabilities

• Minimum 3 years of experience with technical Cyber Security controls, ideally in an enterprise setting
• Minimum 3 years working in control systems of essential services (ICS, SCADA, CNI)
• Exposure to SOC environments
• Structured problem triage experience
• Experience remediating cyber risks in dynamic digital environments

• Ability to communicate complex IT / Security issues simply to non‑technical stakeholders
• Strong understanding of OT infrastructure, networking, and end‑user computing
• Experience writing KQL (Kusto Query Language) for SIEM tuning
• Proficient in configuring and troubleshooting MFA, PAM, and SIEM systems, especially Microsoft Sentinel

• Familiarity with NAC, Firewalls, Proxies / VPN, IDS / IPS
• Team leadership and mentoring experience

• Degree in Cyber Security, Computer Science, IT, Engineering, or related field
• Microsoft SecOps certifications (e.g. SC‑200, AZ‑900)
• Cyber security certifications (e.g. CCSP)
• OT‑specific certifications (e.g. Claroty Cybersecurity Analyst)

ICS, SCADA,