Senior security analyst (SIEM) - Hybrid

Hours: 35 hours per week

Contract: Permanent

Reports into: Security Information Event Management Lead (SIEM Lead)

Location: Hybrid - A blend of working from home and your nominated hub office, we have hubs in London, Bristol, Manchester and Oxford. Specific patterns for working in the office are not mandated, and the frequency of time worked in the office is agreed with your manager. Meeting in person is something we value so you may need to travel on occasion to any of our hub offices.

About Jisc: Our vision is to lead the UK tertiary education, research and innovation sectors to be pioneers in the use of digital technology and data. We’re on a mission to harness the power of technology and data, to transform how knowledge is shared, applied and enhanced.

About the team: This role is part of the SIEM analyst team, which consists of a team leader and four analysts, and is responsible for analysing threats identified by the Splunk-based Cyber Security Threat Monitoring (CSTM) platform, while also collaborating closely with the wider SOC team to support incident response activities.

About the role: In this role, you'll play a key part in operating Jisc’s Security Operations Centre Service - triaging alerts and support tickets, escalating issues when needed, and actively participating in incident handling as part of the Janet network CSIRT function. You'll dive into threat detection and analysis using a mix of Jisc-developed and commercial tools to gather intelligence, mitigate attacks, and deliver a robust SOC and incident response capability. You'll serve as a key escalation point for SIEM Security Analysts, working closely with the CSIRT Security Lead, to manage incidents and drive the continuous improvement of our security systems. Your contributions will help shape new threat mitigations and strengthen Jisc’s internal defences, ensuring we stay one step ahead of future cyber threats. Working alongside the SIEM Lead, you’ll play a hands-on role in advancing our security systems - developing new threat mitigations, strengthening Jisc’s internal defences, and stepping in to lead in their absence to ensure continuity and resilience in our cyber operations.

Additional responsibilities will include:

• To assist in monitoring, detecting, and mitigating threats to our members via our Security Information and Event Management (SIEM) system Splunk ES.
• To support the continuous monitoring of SOC customer IT infrastructure, networks, and systems for signs of suspicious or malicious activity. This includes the use of Security Information and Event Management (SIEM) and Endpoint Detect and Response (EDR) Network and DDoS tools.
• To support members with onsite or remote recovery of a cyber incident and maintain evidentiary chain of custody that may be required.

Key Skills and Experience:

• Clear understanding of SIEM solutions such as Splunk Enterprise Security.
• Experience of using Splunk solutions.
• Familiarity with a range of security tools and systems such as SIEMs, EDR’s SOAR, IDS, WAF, DLP and DDoS mitigation systems.
• Sound working knowledge of TCP/IP and other related Internet protocols.
• Able to communicate effectively with a range of security professionals and to simplify complex technical issues.
• Excellent customer service skills with a pragmatic approach to handling incidents.

Why work for us? At Jisc, every role is vital, and every person matters. We want you to feel like you’re part of something bigger. We support learning throughout your career and offer chances to grow, develop new skills, and make a real difference in education and research. We believe that balancing your personal and professional life is key to happiness and fulfilment. We embrace flexible working, focusing on results rather than hours spent at a desk. It's not about where you work, but how you create a flow that energizes both your work and home life.

Take a look at our fantastic benefits! We offer:

• Flexible work pattern, which can adapt to suit your schedules and personal commitments.
• 31 days annual leave (plus bank holidays) that includes three closure days over Christmas plus the opportunity to buy up to an additional 5 days leave during the flexible benefits window.
• A comprehensive 24/7 mental health support package, including coaching and appropriate counselling or specialist therapy, with no predetermined limit on the number of sessions you can access.
• Annual Jisc performance award.
• A range of wellbeing lifestyle benefits including company paid health care cash plan, mental health first aiders and support.
• A company culture of continuous learning with access to thousands of LinkedIn Learning courses, and lots of resources and opportunities to support your development.
• Allocated allowance of up to £250 to equip your home office.
• Financial well-being support including access to preferential loan and savings plans, mortgage advice, will writing tools and support and resources to help you make the most of your money.
• The opportunity to donate to charity tax-free with our Payroll Giving benefit.
• Salary sacrifice - Electric Car Lease Scheme, Cycle to work and SmartTech (buy the latest technology and white goods products, spreading the cost over up to twelve months, direct from your salary and interest-free) subject to terms and conditions and available upon request.
• A wide range of discounts and cashback from retailers and big-name high-street stores.
• Family friendly policies including enhanced parental, maternity and paternity and co-parental leave as well as opportunity for career breaks.
• Support your volunteering with up to 3 days volunteer leave.
• Specsavers corporate eye care scheme including free eye test vouchers and up to £70 towards new glasses for VDU use.
• Life assurance cover.

Equity, diversity and inclusion: Jisc believe our people make all the difference in cultivating an inclusive culture that welcomes ideas, encourages innovation, and values belonging. We work hard to create an equitable experience for our candidates and workforce which embraces all aspects of their identity including race and ethnicity, religion and belief, sex, gender identity, sexual orientation, trans identities, age, class, disability, neurodivergence, or veteran status.

Application process: Please let us know how we can best accommodate you throughout the recruitment process. We’re committed to making our process accessible and comfortable for everyone - just tell us what works best for you. Just so you know, we review CVs as soon as we can and aim to provide an update on your application within 4 weeks of receiving it. However, you may hear from us a lot sooner, so please keep an eye out for our emails or calls! We’re really looking forward to getting to know the real you.

While we encourage the use of AI tools to help you get started on your CV or cover letter, we encourage you to review your application before submitting. Make sure it truly reflects your own voice, experiences, and personality.

If you are currently a Jisc employee, please apply through your Dayforce Employee profile. We have a thorough background screening process that verifies the details you share with us in your CV and your application. Any inaccurate information supplied during the application stages can lead to a job offer being withdrawn.

Sponsorship: Jisc has an active sponsor licence to recruit on a Skilled worker visa basis. Candidates wishing to apply who require sponsorship should determine the likelihood of obtaining a Certificate of Sponsorship for the role by assessing their circumstances against the relevant Home Office criteria. Jisc does not offer any financial re-imbursement towards the applicant costs, such as re-location, skilled worker visa and dependant costs or the immigration health charge.

No agencies please. You will need to create an account and sign in to apply for a role.