Senior Security Operation Centre (SOC) Analyst in London

Salary: £45,000 to £52,937 – (dependent on experience)

Contract Type: Permanent – Full time

Location: Gatwick – Hybrid

Interview Date: w/c 10th October 2025

Visa Restrictions: This position does not offer visa sponsorship.

We are the UK's aviation and aerospace regulator and recognised as a world leader in its field. Our activities are diverse, enabling the aviation industry to meet the highest safety standards, and we pride ourselves on our ability to adapt to the constantly evolving aviation environment.

The Role

With the establishment of a dedicated Security Operations Centre (SOC) at the CAA in early 2026, we are entering a transformative phase in our cyber defence capability. This strategic initiative marks a significant investment in strengthening our ability to detect, respond to, and recover from cyber threats in real time. The Senior SOC Analyst plays a critical role within the CAA’s Security Operations Centre, supporting the detection, investigation, and response to cyber threats targeting the Civil Aviation Authority. Acting as a senior technical escalation point and mentor for other analysts, this role ensures the smooth day-to-day running of SOC operations.

The Senior SOC Analyst supports the SOC Manager in maintaining high operational standards, delivering improvements across tooling and playbooks, and helping uplift the capability of junior analysts through coaching and collaboration. While this is not a formal leadership role, it requires a high degree of autonomy, initiative, and technical proficiency.

About You

Minimum essential requirements for the role:

• Proven experience working in a Security Operations Centre or similar threat detection/incident response role
• Strong analytical and investigative skills, with the ability to work independently on complex cases
• Proficiency in SIEM and EDR tools, particularly Microsoft Sentinel and Microsoft Defender XDR
• Familiarity with the MITRE ATT&CK framework and common attacker techniques
• Experience contributing to the development or tuning of security detections
• A proactive mindset, with a willingness to lead on assigned tasks and support others
• Clear communication skills, both written and verbal, for documenting investigations and collaborating within the team
• Mentor junior analysts and develop training materials and tabletop exercises
• CompTIA CySA+ certification or equivalent intermediate certification

Desirable skills for the role:

• Experience writing or modifying KQL queries for alerting, threat hunting, or dashboards
• Exposure to Logic Apps, Power Automate, or other SOC automation tools
• Experience contributing to post-incident reviews or security process improvements
• Interest in mentoring, coaching, or supporting junior team members
• Completion of relevant security certifications (e.g. GCFA, Blue Team Level 1 (BTL1) or Azure Security Engineer Associate)

Additional Information

For many appointments within the CAA, these roles require access to operationally sensitive infrastructure and/or Nationally Protected information. For these roles the post holders must undergo National Security Vetting and achieve the appropriate level of clearance. SC - To be vetted we will usually expect a reasonable period of residency in the UK so that meaningful checks can be undertaken. For this role this will need to be 5 years. If you do not meet these requirements, we may not be able to accept your application.

For more information on CTC and SC clearance please visit Vetting explained - GOV.UK

CAA values high ethical standards and personal integrity among employees. If invited for interview you will be asked to complete a declaration of interest.

Relocation & Property

The CAA will be relocating from Aviation House (Our Gatwick Office) to new premises in a few years’ time. Our move is driven by strategic, operational and environmental considerations. We will be moving to a new local home, up to a 15-mile radius of Aviation House, to minimise disruption for our valued colleagues and customers. We are now working with colleagues and visitors to understand what we need in our new office, before we start our property search. We will sell Aviation House and land, vacate the site and move to new premises, but we do not expect to move before 2028.

Inclusivity

We are proud to be an equal opportunity employer and celebrate our diversity ensuring all backgrounds are included here at the CAA. As a member of the Disability Confident scheme, applicants who meet the minimum criteria for a role with us will be guaranteed an interview.

Benefits

• Flexible & hybrid working arrangements available
• 28 days annual leave + public holidays (additional 5 days leave purchase scheme)
• Generous pension scheme (Up to 12% employer contribution)
• Wellbeing Room at Gatwick
• Mental Health and Suicide First Aiders
• Employee Assistance Programme, talking therapies and neurodiversity support via Occupational Health & access to Headspace for colleagues and 5 dependents
• Free onsite gym at Gatwick or discounted gym membership for London
• EV charging points
• Employee Development courses internally and via Skillsoft

Our Values

Do The Right Thing, Never Stop Learning, Build Collaborative Relationships, Respect Everyone.

No recruitment agencies please.