Global Security Operations Centre Analyst

Overview

An opportunity to play your part – Are you ready to be a key player in Centrica\’s cyber world? As a Global Security Operations Centre Analyst, you\’ll play a pivotal role in safeguarding our organisation\’s digital fortress. Your mission: monitor, detect, and respond to security incidents with speed, while crafting and implementing top-notch security measures to protect our systems and data. You\’ll collaborate closely with our cyber defence squads, ensuring we stay one step ahead of threats and continuously enhance our security landscape. If you\’re passionate about cybersecurity and eager to make a real impact, this is the adventure you\’ve been waiting for! Location: UK, Windsor (talk to us about flexible working)

Responsibilities

• Monitor security alerts from various sources like SIEM, EDR, and other tools.
• Investigate and respond to security incidents, ensuring effective containment, remediation, and recovery while considering business requirements.
• Follow defined incident response processes and escalate to the Cyber Security Incident Response team when necessary.
• Develop and fine-tune detection rules, create and maintain detection playbooks, and collaborate with threat intelligence to identify new detection opportunities.
• Use automation tools and scripting languages (e.g., Python, PowerShell) to streamline repetitive tasks and boost efficiency.
• Proactively hunt for potential threats within the environment, leveraging threat intelligence and advanced analytics to identify and mitigate risks.
• Work closely with other cyber defence teams, including Intelligence, Vulnerability Management, Threat Hunting, and Purple Teams.
• Effectively communicate findings and recommendations to various stakeholders.
• Utilise technical expertise to analyse telemetry related to incidents and identify appropriate investigation pathways.
• Identify techniques used by attackers and support investigations with relevant intelligence.
• Record actions within an incident in a coherent and concise manner, ensuring all relevant data is secured and presented in the incident record.

Qualifications

• Hands-on experience in a Security Operations Centre (SOC).
• Deep understanding of incident response processes and the Cyber Kill Chain.
• Proficient with Microsoft Azure and AWS cloud technologies.
• Relevant certifications such as Microsoft SC-200, AWS Certified Cloud Practitioner, Microsoft AZ-900, GIAC Certified Forensic Analyst (GCFA), and GIAC Certified Incident Handler (GCIH).
• Skilled in network and application protocols, and familiar with Windows, Linux, and macOS operating systems and their artifacts.
• Experience with security tools and technologies, including EDR solutions, SOAR platforms, and advanced SIEM capabilities.
• Preferred experience in scripting or programming languages.
• Preferred experience dealing with incidents in various environments, including OT and ICS technologies.
• Preferred experience working with wider Cyber Defence teams, such as Intelligence, Vulnerability Management, Threat Hunting, and Purple Teams.
• Understanding of cyber security legislation and experience with information risk and security-related best practices, policies, standards, and regulations.

Benefits

• Enjoy a generous market salary, along with fantastic growth opportunities and a vibrant work environment.
• Power up your pay with a 15% Employee Energy Allowance, surpassing the government\’s price cap.
• Secure your future with our comprehensive pension plan, designed for peace of mind.
• Elevate your health with our fully-funded company healthcare plan, prioritizing your well-being.
• Recharge with a generous 25-day holiday allowance, plus public holidays, and even purchase up to 5 extra days for extended relaxation.
• Experience unparalleled work-life balance with an exceptional selection of flexible benefits, from tech treats and eco friendly car leases to travel insurance for your adventures.