Do you want to help power your career and be part of an evolving energy industry?
An exciting opportunity has arisen for a Cyber Security Analyst to join our Digital & Innovation team.
The energy industry is advancing with investment in smart technology innovation and Northern Powergrid, as the company responsible for powering everyday life for 8 million customers across 3.9 million homes and businesses in the North East, Yorkshire and northern Lincolnshire, is at the forefront of delivering a power network that meets the region’s needs now and in the future.
As a member of the Berkshire Hathaway Energy Global Security Operations Centre (GSOC), the Cyber Security Analyst will take an important role in the 24×7×365 security monitoring of Northern Powergrid information systems, while supporting and continuously improving our cyber protection, detection and response infrastructure.
Along with a competitive salary of between £45,000 - £55,000 we also offer great benefits such as:
25 days holiday;
10% Performance Bonus.
SC-level National Security Vetting clearance is required for this role. Candidates will be required to have lawfully resided in the UK for a minimum of 5 years to support security clearance processes.
Key Responsibilities
- Lead investigation of complex SIEM, endpoint, email and network alerts using triage playbooks.
- Own incidents end-to-end (enrichment, impact, containment, recovery) with auditable evidence.
- Perform advanced log and forensic analysis across Microsoft, Linux, cloud and security tooling to identify root cause.
- Investigate phishing, malware, vulnerabilities and advanced/persistent threats.
- Develop and tune detection use cases, reducing false positives and improving coverage.
- Configure and manage endpoint security tooling (e.g. EDR/XDR), including policy tuning and response actions.
- Support firewall and network security engineering (rule review, optimisation, policy alignment) and contribute to tooling improvements.
- Maintain incident records and knowledge articles aligned to audit and regulatory needs.
- Support threat hunting and proactive identification of risks and control gaps.
- Contribute to continuous improvement, playbooks and cyber exercises.
- Support shift handovers, threat briefings and SOC reporting.
- Previous experience within an advanced Security Analyst or SOC Analyst role. Or in support of cyber security infrastructure and applications.
- Experience with SIEM technologies (e.g., QRadar, XSOAR).
- Strong problem‑solving and technical troubleshooting skills.
- Ability to prioritise a constantly changing workload.
- Effective communicator able to guide and support less experienced analysts.
- Proficient in Microsoft applications
Skills, Knowledge & Qualifications
Essential Qualifications and Experience
- As Northern Powergrid operates as part of the UK’s Critical National Infrastructure, this role requires security clearance. Applicants must have lawfully resided in the UK for a minimum of five years to be eligible.
- 3–5+ years working in information security, SOC operations, or hands‑on experience in Security Operations or SOC environments.
- High level understanding of IT and operating systems (Microsoft and Linux).
- Experience coaching or leading junior team members is advantageous.
- Demonstrated experience with SIEM tools, network security, and incident response processes.
- Ability in alert triage, threat analysis, log analysis, and vulnerability management.
- Understanding of networking protocols, cloud security, and common attack techniques.
- Specifically, at least one of the following:
- CyberArk
- CompTIA Security+, CySA+, or CEH
- SIEM focused certifications (e.g., Splunk, Microsoft Sentinel, QRadar)
- RFQ Level 5 (HNC/D) Qualification in Cyber Security, Computer Science, Information Security, or similar technical discipline.
Desirable Qualifications and Experience
- Familiarity with cloud environments (AWS/Azure) and their security models.
- Experience improving SOC processes, tuning detection rules, or leading incident response.
- Knowledge of compliance frameworks (e.g., NIST, ISO 27001).
- Full UK drivers license
- CISSP, GCIH, GCIA, GMON, GIAC certification
- RFQ Level 6 (degree) in Cyber Security or Information Assurance
Additional Information
Posted: 10/06/26
Closing date for applications: 01/07/26
Provisional date for interviews: W/C 13/07/2026
Hours: 37 hours per week, Shared Cover Monday – Friday between 08:00 and 18:00
We reserve the right to close this advert early dependent on number of applications
Applicants are considered on the basis of their suitability for the post irrespective of sex, marital status, sexual orientation, gender re‑assignment, race, age or disability, in accordance with the Equality Act 2010.
