At a Glance
- Tasks: Monitor and respond to cyber security incidents using advanced tools.
- Company: Join a global team in a leading Cyber Security Operations Centre.
- Benefits: Competitive daily rate, hybrid working, and opportunities for personal development.
- Why this job: Make a real impact in cyber security while working with cutting-edge technology.
- Qualifications: Current SC Clearance and a passion for problem-solving.
- Other info: Dynamic environment with a focus on continuous improvement and career growth.
The predicted salary is between 60000 - 90000 £ per year.
Utilities Hybrid: 3 days per week in Warwick
6 months+ £750 per day
Due to increased workload, we require a strong CSIRT Analyst to join the team. The team operates at a high level and we're looking for someone who can work at Tier 1 and Tier 2 level. You'll be responsible for using a multitude of tools and triaging and responding to events in an end-to-end capacity.
Essential: You must have current SC Clearance or lapsed SC (within 12 months).
Job Purpose: The UK CSIRT Tier 1 Analyst will deliver the actions and activities as required and detailed in Cyber Incident Response plans. Using technical expertise and co-ordination capabilities, they will work within a team and individually, to respond to incidents and security events. The role requires the individual to have a high level of performance and individual ability.
About the Role: As part of the Cyber Security Incident Response Team (CSIRT), you will be employed within a global team as a Tier 1 CSIRT analyst within its Cyber Security Operations Centre (CSOC) located in Warwick. We respond as one global team, US & UK, comprising analysts, senior analysts, principal analysts, & managers. This affords you a team you can query, learn from, and rely upon. Additionally, we have procedures ingrained within our technology to assist your investigations from triaging to containment. The UK position is a hybrid working role. Tues, Weds, Thurs onsite.
Key Accountabilities:
- Monitor, respond to, and investigate cyber security incidents, ensuring that events are fully triaged and investigated end to end.
- Respond to security events within the estate, including but not limited to:
  - Microsoft Azure Cloud
  - Splunk SIEM
  - Enterprise and OT Intrusion Detection/Prevention Systems (IDS/IPS)
  - Phishing Emails
  - OT IDS
  - Endpoint Detection & Response (EDR)
  - In-house curated use cases aligning to our security tooling and technology within Enterprise, OT and CNI
  - Vulnerability reports
  - Pentesting reports
  - Operational Threat and Analytics (OTA) Team reports
What you'll need: We are open minded when it comes to hiring. If you are intellectually curious, a critical thinker, enjoy solving problems and possess the aptitude and attitude to learn, we would like to hear from you!
Desirable experience would include:
- Ability to investigate a person's behaviour and illustrate anomalous behaviour observed.
- Experience in packet capture analysis, EDR, IDS/IPS, SIEM and AV.
- Knowledge of Windows/Linux/Mac Host internals.
- Knowledge of Cloud, Azure, KQL, Scripting, Microsoft Defender.
- Knowledge of network protocols and Windows enterprise domains.
- Knowledge of MITRE ATT&CK tactics and techniques.
- Knowledge of Splunk ES8.
- Knowledge of OT and CNI working environments.
- Knowledge of Kubernetes or associated Cloud Native Computing.
- Excellent written and verbal communication skills.
- Knowledge of IDS and IPS Snort rules.
- Knowledge of Network perimeter security devices.
- Security clearance.
Please be advised that if you haven't heard from us within 48 hours, then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly.
Pontoon is an employment consultancy and operates as an equal opportunities employer. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.
CSIRT Analyst (SC Cleared) in Warwick employer: Pontoon
Contact Detail:
Pontoon Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land CSIRT Analyst (SC Cleared) in Warwick
✨Tip Number 1
Network like a pro! Reach out to current or former employees in the CSIRT space, especially those who have worked at the company you're eyeing. A friendly chat can give you insider info and maybe even a referral!
✨Tip Number 2
Show off your skills in interviews! Be ready to discuss specific tools and techniques you've used in past roles. If you've got experience with Splunk, EDR, or Azure, make sure to highlight that – it’s what they’re looking for!
✨Tip Number 3
Prepare for scenario-based questions. They might ask how you'd handle a specific cyber incident. Think through your response strategies and be ready to demonstrate your problem-solving skills on the spot.
✨Tip Number 4
Don’t forget to follow up! After your interview, shoot a quick thank-you email to express your appreciation for the opportunity. It keeps you fresh in their minds and shows your enthusiasm for the role.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the CSIRT Analyst role. Highlight your relevant experience with tools like Splunk, Azure, and any incident response work you've done. We want to see how your skills match what we're looking for!
Show Off Your Skills: In your application, don’t just list your skills—show us how you've used them in real situations. Whether it’s investigating incidents or working with EDR, give us examples that demonstrate your expertise and problem-solving abilities.
Be Clear and Concise: When writing your application, keep it clear and to the point. Use straightforward language and avoid jargon unless it's relevant. We appreciate a well-structured application that gets straight to the heart of your qualifications.
Apply Through Our Website: We encourage you to apply through our website for the best chance of being noticed. It helps us keep track of applications and ensures you’re considered for the role. Plus, it’s super easy to do!
How to prepare for a job interview at Pontoon
✨Know Your Tools
Familiarise yourself with the tools mentioned in the job description, like Splunk SIEM and Microsoft Azure Cloud. Be ready to discuss your experience with these technologies and how you've used them in past roles.
✨Understand Cyber Security Concepts
Brush up on key concepts related to cyber security incidents, including incident response plans and the MITRE ATT&CK framework. Being able to articulate these concepts will show your depth of knowledge and readiness for the role.
✨Showcase Problem-Solving Skills
Prepare examples of how you've tackled complex problems in previous positions. Highlight your critical thinking and analytical skills, as these are essential for a CSIRT Analyst.
✨Communicate Clearly
Practice articulating your thoughts clearly and concisely. Strong written and verbal communication skills are crucial, so consider doing mock interviews to refine your delivery.