What's involved with this role:
Role: Cyber Defence Analyst
Job Ref: QAD 1869 1309
Pay Rate: Competitive Market Rate
Hours per week: 37 hours per week
Contract Length: Until 31st March 2025
Location: West Midlands – five days onsite (no remote working)
We are seeking a Cyber Defence Analyst to join a dedicated cyber security team responsible for protecting and monitoring critical enterprise networks. The role involves designing, delivering, and maintaining operational cyber security capabilities, performing risk-based monitoring, and identifying internal and external threats. You will be part of an Enterprise SOC environment with a strong focus on SIEM technologies and will have extensive experience working in cyber defence roles.
Key Responsibilities:
Security Event Monitoring & Incident Response: Develop and integrate event monitoring, respond to security incidents, and assist in incident management as part of the response team.
Dashboards & Metrics: Implement security metrics and dashboards to provide visibility of enterprise infrastructure.
SOAR Platform Utilisation: Leverage SOAR platforms for automation of playbooks, case management, and streamlining processes.
Standardisation & Documentation: Produce clear documentation for standardised security operating procedures and ensure repeatability.
Enhanced Investigative Methods: Utilise SOC toolsets to develop advanced methods for threat recognition and analysis.
System Security Baseline: Maintain and adapt security baselines in response to evolving threats and trends.
Incident Root Cause Analysis: Participate in root cause analysis in coordination with enterprise engineers.
SME Guidance: Provide subject matter expertise in information security standards and best practices.
Critical Infrastructure Protection: Assist in identifying and protecting critical cyber defence infrastructure and resources.
SOC Documentation: Create and validate operational processes and procedures for the development of the SOC.
Strategic Guidance: Offer tactical and strategic guidance on security controls and governance.
Key Requirements:
Elastic Stack Proficiency: Strong working knowledge of Elastic Stack.
Enterprise ICS/Network Architectures: Extensive experience with enterprise network architectures and ICS.
SIEM Solutions: Proficient in SIEM technologies; skilled in identifying, creating, deploying, and tuning use cases.
Frameworks: Hands-on experience utilising these frameworks.
Virtualisation Skills: Experience in using virtualisation software.
Security Framework Knowledge: Familiarity with ISO standards, NIST 800-53, and other key security frameworks.
Clear Documentation & Reporting: Ability to document and communicate security incidents effectively.
Government Documentation: Experience in writing Defence or Government documentation.
Security Dashboards: Expertise in creating and managing security alert dashboards.
Desirable Qualifications:
Broad Spectrum Cyber Course: CompTIA Sec+, SANS SEC401 or SEC501, or equivalent certifications.
SIEM Design & Analyst Course: SANS SEC455 or SEC555, or equivalent training.
This is a fantastic opportunity for a seasoned Cyber Defence Analyst to contribute to critical cybersecurity efforts within the government sector, ensuring robust defence against threats. If you have the expertise in cybersecurity operations, monitoring, and response, we encourage you to apply.
Please quote the Job Title & Vacancy Reference No. in your application, or we will be unable to match your CV to the role being applied for.
Security Clearance: High-level security clearance is highly desirable; candidates with active clearance will be fast-tracked.
Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let us know.
If you consider yourself to have a disability or if you are a veteran, and you meet the essential criteria for the role, you will be put forward for the ‘Guaranteed Interview’ scheme whereby you will have the opportunity to discuss this role and your suitability with a member of the Sourcing team.
As an Equal Opportunities Employer, we provide the best talent and encourage all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
Please send your CV directly to centralgov@tclrec.com
Anticipated Length of Assignment: Unless otherwise stated (we do carry the occasional permanent vacancy), all of our roles are technically temporary, though opening assignments can be, and often are, extended by clients on a longer-term basis and can sometimes become permanent.
Please do try to resist contacting us with requests for progress updates.
We really do read every CV sent to us. All applications will be acknowledged by a human, not a robot, provided the job remains live and provided your CV meets the “Essential Requirements” listed.
Please note that we do our level best to take down ads as soon as roles have been filled. We are not in the business of harvesting CVs.
Important: We will interpret your application as being permission to submit your CV to this role (with the right to represent you) unless you advise us to the contrary.