Cyber Security Analyst – Security Operations

About the role

The Security Operations Analyst will join the Security Operations team, reporting to the Security Operations Lead. The role ensures continuous oversight of a 24x7 Security Operations Centre and manages a range of operational security services across the organisation.

Key responsibilities

• Oversee day‑to‑day delivery of services from a third‑party 24x7 SOC, including DDoS protection, Web Application Firewall, Intrusion Prevention & Detection, File Integrity Monitoring, Vulnerability Scanning, Privileged Access Management and SIEM.
• Operate and maintain data loss prevention toolsets, investigate alerts and manage data loss incidents that breach corporate or industry standards such as PCI DSS.
• Participate in a rotational 24/7 incident response capability, acting as the single point of contact for security‑related decisions and coordinating with IM/MIM teams.
• Maintain security oversight of technical infrastructure delivered by third‑party suppliers, raise and remediate security risks.
• Support the security certificate provisioning platform, handling alerts, reporting, renewal, revocation and documentation updates.
• Govern firewall rule bases and manage associated change processes.
• Provide security input to Service Management for change, problem and incident management.
• Oversee web proxy policy configuration provided by third‑party providers.
• Monitor security communication channels, respond to business queries, and track emerging threat patterns, vulnerabilities and anomalies.
• Report metrics on security controls across the estate, highlight risk areas and develop remediation plans.

Required profile

• Ability to act as the single point of contact for security incident response.
• Willingness to participate in a rotational 24/7 on‑call schedule.
• Experience working with third‑party security service providers.
• Strong understanding of security governance, change management and risk remediation processes.

Required skills

• DDoS protection
• Web Application Firewall (WAF)
• Intrusion Prevention System (IPS) / Intrusion Detection System (IDS)
• File Integrity Monitoring
• Vulnerability Scanning
• Privileged Access Management
• Security Information and Event Management (SIEM)
• Data Loss Prevention (DLP) tools
• PCI DSS compliance knowledge
• Security certificate management
• Firewall rule management
• Web proxy configuration
• Threat monitoring and analysis
• Security metrics reporting