At a Glance
- Tasks: Monitor and respond to cyber security incidents in a dynamic team environment.
- Company: Join a leading global Cyber Security Incident Response Team.
- Benefits: Competitive daily rate, hybrid working, and opportunities for personal development.
- Why this job: Make a real impact in cyber security while working with cutting-edge technology.
- Qualifications: Must have current or lapsed SC Clearance and a passion for problem-solving.
- Other info: Collaborative culture with excellent career growth potential.
The predicted salary is between £60,000 and £90,000 per year.
Due to increased workload, we require a strong CSIRT Analyst to join the team. The team operates at a high level and we are looking for someone who can work at Tier 1 and Tier 2 level. You will be responsible for using a multitude of tools and triaging and responding to events in an end-to-end capacity.
Essential: You must have current SC Clearance or lapsed SC (within 12 months).
Job Purpose: The UK CSIRT Tier 1 Analyst will deliver the actions and activities as required and detailed in Cyber Incident Response plans. Using technical expertise and co-ordination capabilities, they will work within a team and individually, to respond to incidents and security events. The role requires the individual to have a high level of performance and individual ability.
About the Role: As part of the Cyber Security Incident Response Team (CSIRT), you will be employed within a global team as a Tier 1 CSIRT analyst within its Cyber Security Operations Centre (CSOC) located in Warwick. We respond as one global team, US & UK, comprising analysts, senior analysts, principal analysts, & managers. This affords you a team you can query, learn from, and rely upon. Additionally, we have procedures ingrained within our technology to assist your investigations from triaging to containment. The UK position is a hybrid working role. Tues, Weds, Thurs onsite.
Key Accountabilities Delivery: As a CSIRT Analyst you will monitor, respond to, and investigate cyber security incidents, ensuring that events are fully triaged and investigated end to end. Respond to security events within the estate, including but not limited to:
- Microsoft Azure Cloud
- Splunk SIEM
- Enterprise and OT Intrusion Detection/Prevention Systems (IDS/IPS)
- Phishing Emails
- OT IDS
- Endpoint Detection & Response (EDR)
- In-house curated use cases aligning to our security tooling and technology within Enterprise, OT and CNI
- Vulnerability reports
- Pentesting reports
- Operational Threat and Analytics (OTA) Team reports
Focus on continuous improvement and personal development. Provide continuous input into developing and maintaining incident response work instructions, processes, supporting documentation, SIEM automation and use cases.
What you'll need: We are open minded when it comes to hiring. If you are intellectually curious, a critical thinker, enjoy solving problems and possess the aptitude and attitude to learn, we would like to hear from you! Desirable experience would include:
- Ability to investigate a person's behaviour and illustrate anomalous behaviour observed
- Experience in packet capture analysis, EDR, IDS/IPS, SIEM and AV
- Knowledge of Windows/Linux/Mac Host internals
- Knowledge of Cloud, Azure, KQL, Scripting, Microsoft Defender
- Knowledge of network protocols and Windows enterprise domains
- Knowledge of MITRE ATT&CK tactics and techniques
- Knowledge of Splunk ES8
- Knowledge of OT and CNI working environments
- Knowledge of Kubernetes or associated Cloud Native Computing
- Excellent written and verbal communication skills
- Knowledge of IDS and IPS Snort rules
- Knowledge of Network perimeter security devices
- Security clearance
Please be advised that if you haven't heard from us within 48 hours, then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.
CSIRT Analyst (SC Cleared) in England employer: Pontoon
Contact Detail:
Pontoon Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land CSIRT Analyst (SC Cleared) in England
✨Tip Number 1
Network like a pro! Reach out to current or former CSIRT Analysts on LinkedIn, join relevant groups, and engage in discussions. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Prepare for interviews by brushing up on your technical skills and knowledge of tools like Splunk and Azure. Practice common interview questions related to incident response and be ready to showcase your problem-solving abilities.
✨Tip Number 3
Don’t just apply anywhere; focus on companies that align with your values and career goals. Use our website to find roles that excite you and tailor your approach to each one, highlighting your relevant experience.
✨Tip Number 4
Follow up after interviews! A quick thank-you email can go a long way in keeping you top of mind. It shows your enthusiasm for the role and gives you another chance to reiterate why you’re the perfect fit.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the CSIRT Analyst role. Highlight your relevant experience with tools like Splunk, EDR, and any incident response work you've done. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your background makes you a great fit for our team. Keep it concise but impactful – we love a good story!
Show Off Your Technical Skills: In your application, don't shy away from showcasing your technical expertise. Mention specific tools and technologies you've worked with, especially those listed in the job description. We’re keen on seeing your hands-on experience!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us you're serious about joining our awesome team!
How to prepare for a job interview at Pontoon
✨Know Your Tools
Familiarise yourself with the tools mentioned in the job description, like Splunk SIEM and Microsoft Azure Cloud. Be ready to discuss your experience with these technologies and how you've used them in past roles.
✨Showcase Your Problem-Solving Skills
Prepare examples of how you've triaged and responded to security incidents. Highlight your critical thinking and analytical skills, as these are crucial for a CSIRT Analyst role.
✨Understand the Cyber Security Landscape
Brush up on current trends and threats in cyber security, especially those relevant to utilities and OT environments. Being able to discuss recent incidents or vulnerabilities will show your passion and knowledge in the field.
✨Communicate Clearly
Since excellent communication skills are essential, practice explaining complex technical concepts in simple terms. This will help you convey your ideas effectively during the interview and demonstrate your ability to work within a team.