Cyber Security Analysts
Role details
Job location
Tech stack
Job description
This is a key blue-team role within the British Steel Cyber Security team, focused on defending corporate IT systems, data and services and, delivering ongoing improvement across a complex enterprise environment. Working closely with the Cyber Security Officers, the wider team and the outsourced Security Operations Centre, the IT Cyber Security Analyst monitors, investigates and responds to threats, runs the vulnerability and patching cycle, and helps drive the maturity of detection, response and security hygiene across the estate. The role also owns the day-to-day delivery of patching across the IT estate and the coordination of patching on business-critical platforms. It suits someone with strong defensive instincts, a methodical approach and the interpersonal skills to work effectively with infrastructure, applications, operational and third-party teams to get fixes deployed and risk reduced. It is a real opportunity to grow a blue-team career in a nationally significant industrial business undergoing a major security transformation., Security monitoring, delivery and response
- Work with the Security Operations Centre and Managed Detection and Response (MDR) provider to monitor, triage, investigate and respond to security incidents across the IT and OT estate.
- Contribute to incident response, investigation and root-cause analysis, capturing lessons learned and feeding them back into detection and controls.
- Take part in structured, hypothesis-driven threat hunting and help turn findings into improved detection content.
- Maintain and enhance endpoint, network and identity security solutions, and support identity and access management controls including conditional access and privileged access.
- Identify opportunities for improvement to the security posture across both the IT and OT estate
Patching and Vulnerability management
- Own day-to-day patching of endpoint clients and servers using automated patching tools: scheduling, deployment, exception handling, verification and reporting.
- Arrange and coordinate patching on Enterprise Resource Planning (ERP) and Operational Technology (OT) systems, working with the specialists responsible for those environments, and report progress to closure.
- Support the vulnerability management process: scanning, validation, risk-based prioritisation, assignment to owners, remediation tracking and reporting.
Controls hardening and assurance
- Implement and support security controls across IT & OT infrastructure, networks and cloud platforms, applying secure-by-design principles across IT programmes and changes as agreed with the relevant Technical Authorities.
- Support the development and enforcement of cyber security policies, standards and procedures.
- Participate in security audits, reviews and compliance activities, maintaining evidence of control effectiveness.
Requirements
- Experience in a cyber security analyst, IT service and support or EC&I / OT Technician or Engineering role .
- Strong understanding of IT security principles across network, endpoint, identity and cloud security.
- Experience of patching at scale using automated patching tools across endpoint clients and servers.
- Knowledge of security technologies.
- Experience working with or alongside a Security Operations Centre (SOC/MDR), and of investigating and responding to security incidents.
- Strong analytical and problem-solving skills.
- Excellent interpersonal and communication skills, with the ability to coordinate fixes across infrastructure, applications, operational and third-party teams.
- Experience working within structured IT environments (for example ITIL).
Desirable:
- Hands-on experience with Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR), and vulnerability management tools.
- Experience coordinating patching or change on ERP or OT systems alongside specialist teams.
- Knowledge of Zero Trust architecture and network segmentation.
- Experience with identity protection and privileged access management.
- Familiarity with security standards and frameworks (ISO 27001, National Cyber Security Centre guidance IEE42263).
- Experience with threat intelligence or advanced threat detection, and with structured threat hunting.
- Scripting or automation experience (PowerShell, Python).
- Experience with asset inventory and discovery tools, and exposure to cloud security / EntraID.
- Relevant certifications (Security+, Blue Team Level 1, CISSP, Azure Security, or equivalent).
Benefits & conditions
Pulled from the full job description
- Annual leave
- Sick pay
- Employee assistance programme
- Company pension, Whatever your stage in life, you'll find a range of benefits to complement your work-life balance. The benefits you'll enjoy include:
- Defined contribution company pension scheme
- 27 personal annual leave days + statutory bank holidays
- Life Assurance
- A comprehensive Company sick pay scheme
- Health Cash Plan via our partnership with Simply health
- Employee Assistance Programme
- Standby and call-out payments
- Family friendly benefits including enhanced maternity, paternity, and adoption leave.