Manchester (hybrid working model, with an expectation of 3 days in the week on site)

Shift: Monday - Friday, 9am-5.30pm, with a requirement to cover holiday and annual leave of analysts on Day/Night shift rotations.

Competitive salary plus performance-related bonus

This role will lead our approach to Security Response at Smart DCC, assisting with the toolsets, processes and capabilities required to effectively deliver a world-class Security Operations Centre. Responsibilities will include leading security investigations that are initiated by managed security services (SOC) or from events generated by our security tools.

You will be joining an exciting and growing area and will be instrumental in supporting and advancing the operational security capabilities of the Cyber Security Team. There will be opportunity to work on and establish new Security Projects, as well as provide an advisory role to other elements of the business on best practice. The role will require establishing relationships with key stakeholders in Risk, Technology and Operations, as well as establishing yourself as an SME for cyber security within the organisation.

What will you be doing?

Lead incident response for potential incidents identified, ensuring that incidents are correctly reported and documented in accordance with the relevant policies and procedures.

Act as the primary point of contact for the Security Operations Manager for potential incidents, and support more junior analysts’ subsequent analysis and investigation to determine their severity and the response required.

Provide a Technical Escalation Point during security incidents, working collaboratively to establish the extent of an attack and the business impacts, and advising on how best to contain the incident, along with system hardening and mitigation measures to prevent a re-occurrence.

Provide supervisory support to the Security Operations Manager where necessary and help develop talent within the team through technical training and table-top exercises.

Update Protective Monitoring/SOC documentation, processes and procedures, ensure they remain current, and assist in the development of operational metrics and dashboard reporting.

Work collaboratively with internal and external teams to identify opportunities for security improvements and review products that can advance our security capabilities, such as tools that support analysis/detection and other emerging technologies.

Gather forensic data and physical equipment to perform in-depth root cause analysis.

Support use case tuning through auditing and approval, alongside developing new detection content including machine learning analytics and Security Orchestration, Automation and Response (SOAR).

What are we looking for?

Ability to work independently to deliver personal and team objectives, liaising with relevant teams.

Able to work under pressure and make judgment calls based on available information.

Able to evidence collaborative working with teams and stakeholders to share information, coordinate responses, and improve inter-team relationships.

Previous experience within a Security Operations role.

Exposure to key security technologies, such as IDS, web content filters, AV, SIEM, Vulnerability Management and firewalls, and awareness of their purpose in a layered security approach, alongside analysing their outputs for security anomaly detection.

In-depth understanding of the cyber threat landscape, advanced adversary tactics, and the MITRE ATT&CK Framework.

Strong understanding of low-level concepts including operating systems, Active Directory, Windows and Linux server environments, alongside computer networking.

Knowledge of cloud environments and SaaS applications such as AWS, Azure, Office 365 and Defender.

Must have the ability to gain and hold HMG Security Clearance at "Security Check" (SC) level.

3 years plus security incident management experience.

Desirable Skills:

Previous experience in a similar role (Senior SOC Analyst, Lv3 SOC Analyst, etc.)

Experience of tooling such as Elasticsearch, Tenable, ServiceNow and Remedy

About the DCC:

At the DCC, we believe in making Britain more connected, so we can all lead smarter, greener lives. That desire to make a difference is what drives us every day and it wouldn’t be possible without our people. Each person at the DCC brings a special kind of power to the business, and if you join us, we’ll give you the means to unleash yours. Here, we depend on each other and hold each other accountable. You have the power to challenge and make change, to take the initiative and enjoy real responsibility. Whether it’s doing purposeful work, helping us grow or building the career you want - we’ll give you the support to do it all.

Our secure network for smart meters is transforming Britain’s energy system and helping the country’s fight against climate change: we want you to be part of our journey.

Company benefits:

The DCC’s continued success depends on our people. It’s important to us that you enjoy coming to work, and feel healthy, happy and rewarded. In this role, you’ll have access to a range of benefits which you can choose from to create a personalized plan unique to your lifestyle. Join the DCC and discover the power of you.

What to do now

Choose ‘Apply now’ to fill out our short application, so that we can find out more about you.

As a Disability Confident member, DCC is committed to ensuring an inclusive and accessible recruitment process.