Cyber Security Analyst in Yeovil

We’re looking for a Cyber Security Analyst to join the ARCHANGEL™ Protective Monitoring (ProMon) Team. ARCHANGEL™ delivers specialist technical cyber security services to a range of clients across a variety of industries including construction, government, defence and aerospace. The Team is responsible for providing thorough initial investigation into anomalous network activity that may lead to potential security incidents.

You will be joining our highly skilled team working at our Yeovil site Monday-Friday. This is a great opportunity to bring your talents and form an integral part of Leonardo's future. We can help you develop your skills and offer great opportunities to develop and grow.

Your Impact

• Provide monitoring, alerting and incident handling services within the SOC in line with SLAs.
• Act as the initial analytical reference point for identifying and then quantifying the nature and extent of security incidents and offer initial professional advice relating to possible business impact in order to reduce both the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
• Advise on incident containment measures through recommended initial actions to customers in collaboration with the Incident Response (IR) Team.
• Provide advice relating to potential mitigation measures in order to prevent, or limit future reoccurrence in collaboration with the Incident Response (IR) Team.
• Have an understanding of Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors.
• Have a collaborative working ethos in order to work across the team in order to create pertinent Playbooks, Use Cases, etc.
• Perform proactive analysis across client networks by staying abreast of current threats and trends.
• Develop and maintain a credible knowledge of current and emerging threats likely to affect the Integrity of the managed service you are protecting.
• Review reoccurring false positive firings and assist in the tuning of SIEM and IDS rules to reduce false positives and maintain good security alerting.
• Creation of reporting for management and clients on security incidents and threat intelligence trends.

What You’ll Bring

• Experience in Cyber Security, e.g. Protective Monitoring, Incident Response, Security Engineering.
• SIEM (LogRhythm, Arcsight, Splunk, etc) & IDS (Snort) experience.
• Have a sound knowledge of IT security best practice, common attack types & detection/prevention methods.
• Demonstrate experience of analysing & interpreting system, security & application logs in order to diagnose faults & spot abnormal behaviours.
• Have great organisational skills & attention to detail.
• Ability to work independently & as part of a team.
• Highly motivated, with the aptitude to learn new skills.

These Additional Skills Will Also Help

• SANS SEC 503 Intrusion Detection in Depth or equivalent.
• SANS SEC 504 Incident Handling, Hacker Tools and Techniques or equivalent.
• SANS SEC 508 Advanced Incident Response, Threat Hunting, and Digital Forensics or equivalent.
• SANS SEC 511 Continuous Monitoring and Security Operations or equivalent.
• Exposure to IT service management best practices such as ITIL.
• Knowledge of standards & guidelines such as ISO27001, GDPR principles and GPG-13.
• Threat Intelligence experience.
• Report Writing.

Security Clearance

This role is subject to pre-employment screening in line with the UK Government’s Baseline Personnel Security Standard (BPSS). An additional range of Personnel Security Controls referred to as National Security Vetting (NSV) may apply, which could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV).

Why join us

At Leonardo, our people are at the heart of everything we do. We offer a comprehensive, company-funded benefits package that supports your wellbeing, career development, and work–life balance.

• Time to Recharge: Enjoy generous leave with the opportunity to accrue up to 12 additional flexi-days each year.
• Secure your Future: Benefit from our award-winning pension scheme with up to 15% employer contribution.
• Your Wellbeing Matters: Free access to mental health support, financial advice, and employee-led networks championing inclusion and diversity.
• Rewarding Performance: All employees at management level and below are eligible for our bonus scheme.
• Never Stop Learning: Free access to 4,000+ online courses via Coursera and LinkedIn Learning.
• Refer a friend: Receive a financial reward through our referral programme.
• Tailored Perks: Spend up to £500 annually on flexible benefits including private healthcare, dental, family cover, tech & lifestyle discounts, gym memberships and more.

Equal Employment Opportunity

At Leonardo we are committed to building an inclusive, accessible, and welcoming workplace. We believe that a diverse workforce sparks creativity, drives innovation, and leads to better outcomes for our people and our customers.