Security Operations Centre Analyst (SOC)

Defra is the UK government department responsible for safeguarding our natural environment, supporting our world-leading food and farming industry, and sustaining a thriving rural economy. Our broad remit means we play a major role in people's day-to-day life, from the food we eat, and the air we breathe, to the water we drink.

Digital, Data Technology and Security (DDTS) is the trusted team for digital across the entire Defra Group.

We have around 1,200 colleagues across DDTS and our ambition is to make it easier and faster than ever for people to interact with Defra. If you are ready to drive innovation and push boundaries, we want to hear from you. Join us and together we will create a great place for living, and a green and healthy future for all.

Find out more about DDTS:

Defra digital, data and technology blog

LinkedIn

Defra Jobs

Defra's Security Operations Centre (SOC) is accountable for protecting DEFRA against cyber threats. Our SOC analysts monitor the network and investigate any potential security incidents.

We are seeking an individual to help build our capability. Working as part of a small team you will be accountable for providing security monitoring and incident response. Using cyber security techniques, you will be ensuring that the DEFRA’s security is maintained.

Our Analysts are accountable for the day-to-day handling of alerts in our Security Information and Event Management (SIEM), incidents assigned to the Security Operations Centre and investigating indicators of compromise provided by Threat Intelligence.

As a SOC Analyst you will use a wide range of tools and technical expertise, currently focusing primarily on user behaviour, cloud security & application security.

Defra is transforming its IT security processes via a security improvement plan and approach in line with our new multi-supplier IT operating model. As we develop and grow against this plan the range of services that are protectively monitored by Defra’s SOC will increases.

The SOC team is based in Reading and London. The successful applicant will be expected to travel into one of either office on regular basis working a shift pattern during the day to ensure continuous monitoring of the organisation.

We welcome applicants with experience of working in a Security Operations Centre and other technological backgrounds or graduates in a relevant subject who may wish to move into this field of work, it should be noted that you must demonstrate transferable technical skills and a keen interest in cyber security to be considered for the role.