SOC Analyst in Cardiff

We are looking for curious and driven team-players. Please reach out to matilda.rhode@dwrcymru.com if you have questions.

Hybrid working - Approximately 2 days a week in the office. Standby cover preferred for role after probation period completed, this is compensated. Applications will be reviewed on a rolling basis so please complete application as soon as possible as we may close the job advert early.

What you’ll be responsible for:

• Monitoring and analysing the security tooling (such as the SIEM, AV, EDR, Firewalls etc.) for suspicious activity.
• The team is threat-led and when there are no alarms/events to be investigated, the team performs threat hunting, looking for previously undetected threats.
• Continually monitor the organisation's security systems and related infrastructure for signs of compromise.
• Proactively make use of available toolsets to hunt for issues using threat intelligence relevant to the organisation.
• Coordinate activities with the managed security services provider.
• Work with the broader Security Operations teams to investigate, contain and remediate cyber security incidents.
• Assess new threats to the business, seeking to optimise existing technology to better counter the issues identified.
• Communicate to stakeholders around the business and provide timely updates during an investigation.
• Ensure all security events are investigated and documented to completion.
• Analyse and offer improvements against use cases and playbooks.
• Work with Security Engineering to enhance monitoring and response use cases.
• Participate in and help coordinate training scenarios to exercise processes, tools and staff across the wider security team.
• Stay up-to-date on the changing threat landscape.
• Undertaking any other requirements as outlined by the line manager.

About you:

• Diploma or Degree in a technical discipline such as: Computer Science, Engineering, Data analytics, Networking, or Information Security.
• Experience in any of the following: Cyber security; IT operations / engineering; Security incident management.
• Experience of understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
• Demonstrated experience in cloud-based infrastructure including Microsoft Azure; Office 365; Amazon AWS.
• Understanding of enterprise grade technical security controls and defence in depth.
• Experience of working within a regulated environment is highly beneficial.
• Demonstrated experience in stakeholder management both internal and external.
• Enthusiastic about putting our customers first every day.
• Knowledge of at least one cloud platform such as Microsoft Azure or Amazon AWS.
• Knowledge of programming or scripting language such as Python.
• Proficient with the use of a SIEM tool.
• Strong understanding of the Cyber Kill Chain, MITRE ATT&CK.

As well as a market competitive salary, 34 days annual leave (pro rata, including public holidays), we offer a range of employee benefits and rewards including:

• Variable pay schemes (your salary will always stay the same, but depending on the performance of the company you could receive a yearly bonus).
• Enhanced employer pension contributions – Up to 11% employer contributions.
• Enhanced family friendly policies.
• Progression opportunities, including the ability to apply for funded training and coaching and mentoring programmes.
• Reduction on gym memberships and high street shopping.
• Cycle to work scheme.
• Car-leasing scheme.
• An employee assistance programme for employees and their immediate family.

We are a not-for-profit company that truly cares about earning the trust of customers every day and about looking after our beautiful environment.

Dŵr Cymru Welsh Water keeps 3 million people healthy each day with safe, reliable water, and takes away wastewater to clean, before returning it safely to our beautiful rivers and seas. To deliver high quality, essential services which help to protect the health of our customers, colleagues and our environment, we need the right people to deliver on our vision. This is achieved by living our core values and demonstrating the core behaviours that underpin them.

The security of our people, assets and information is key to us, so we are looking for people who understand and comply with the company’s required security objectives. We know that the most successful teams are the most diverse teams. Equality, diversity and inclusion provide the very foundation to our culture at Welsh Water. We want every individual to feel confident, proud and able to bring their whole selves to work. To ensure an improved representation in our workforce, applications are particularly welcome from minority groups including Black, Asian and Minority Ethnic people, Females, LGBT+, Non-binary and people with disabilities. Together we continue to build a workplace that not only celebrates the diverse voices of our colleagues but also represents each customer we serve. In essence, ours is a company based on trust, openness, respect, commitment and honesty. A company that our colleagues are proud to work for.