Leeds, Yorkshire and the Humber, United Kingdom

Full Job Description

Location(s): UK, Europe & Africa : UK : Leeds

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

Job Title: Lead SOC Analyst
Requisition ID: 121667
Location: Leeds
Grade: GG10 - GG11
Referral Bonus: £5,000

Role description

BAE Systems has been contracted to operate and improve a dedicated Security Operations Centre (SOC) supporting a major UK CNI organisation. The networks are primarily hosted in Azure and AWS cloud platforms, with hundreds of systems to be protected. The SOC aims to set a benchmark of best practice against significant threats.

The SOC staff, including BAE and customer personnel, are based in multiple locations, with daily operations in Leeds due to network access requirements. The SOC Analyst roles are shift-based, working 24/7 in four rotation teams, responsible for using SIEM tools to detect and investigate security incidents within monitored networks. These roles require at least SC clearance and readiness for DV clearance.

Responsibilities

- Prepare and deliver shift handover briefs.
- Monitor, triage, analyze, and investigate alerts, logs, and network traffic to identify cyber threats.
- Classify suspected incidents following security policies.
- Recognize intrusion attempts and compromises through detailed analysis.
- Write high-quality security incident tickets and conduct research.
- Assist with and support incident remediation activities.
- Produce incident review reports and recommend improvements.
- Understand and apply Threat Intelligence in operations.
- Support national-scale incident response in a coaching capacity.
- Collaborate with teams to improve services based on customer needs.
- Develop workflows for automation using SOAR tools.
- Propose service improvements and updates based on evolving threats.

Requirements

Technical

- Basic scripting skills (Python or similar), familiarity with Windows, OS X, Linux.
- Experience with Splunk and Sentinel.
- Knowledge of security tools and architecture, especially networking.
- Understanding of threat intelligence, TTPs, and operationalization.
- Experience investigating complex network intrusions.
- Understanding of TCP/IP layers and cloud services (Azure/AWS).
- Content development experience with Splunk (ES) or Sentinel is desirable.

Non-technical

- Client engagement, stakeholder communication, and report writing skills.
- Mentorship and security process development abilities.
- Cultural adaptability and independent working skills.
- Teamwork in diverse, multidisciplinary teams.

Desirable

- Software engineering experience.
- Penetration testing skills.

Life at BAE Systems Digital Intelligence

We support hybrid working, enabling remote collaboration across locations and times. Diversity and inclusion are core to our culture, fostering a workplace where varied perspectives and backgrounds drive excellence.
Job Title
Lead SOC Analyst - Shift Lead