Senior security analyst - Hybrid

Salary: £45,000 per annum negotiable depending on experience + fantastic benefits!

Jisc grade: TCY3 (internal use only)

Hours: 35 hours per week

Contract: Permanent

Reports into: Lead cyber security incident investigator

Location: Hybrid - A blend of working from home and your nominated hub office, we have hubs in London, Bristol, Manchester and Oxford. Specific patterns for working in the office are not mandated, and the frequency of time worked in the office is agreed with your manager. Meeting in person is something we value so you may need to travel on occasion to any of our hub offices.

About Jisc:

Jisc is the UK digital, data and technology agency focused on tertiary education, research, and innovation. We are a not-for-profit organisation with a big ambition to improve lives through education and research by providing hardware, software, and networking solutions. Our talented people bring their own unique skills and experience to empower our members and customers with the technology they need to succeed. Take your next career step with us and you can make a real difference to the education and research sectors.

Cyber Security at Jisc:

Jisc, as the UK’s National Research and Education Network (NREN), provides the Janet Network, a high-speed digital foundation for collaborative research and education used by 20 million people in the UK. Use of Janet already includes a layer of cyber security protection, intelligence and support for users, with the new Jisc SOC now adding further enhanced security.

SOC relieves pressure on internal teams through its state-of-the-art technology and specialist expertise, providing 24/7 protection, threat detection, and rapid incident response. Jisc’s visibility of the Janet Network means that cyber threats can be detected and contained faster, minimising impact and disruption to learning and research.

About the role:

This role sits within the Security Operations team, who safeguards both the Janet Network and Internal security whilst also sharing intelligence and advising our members to keep their own networks safe. We currently have two opportunities available within our Security Operations Centre (SOC), reporting to different Lead specialists (CSIRT & SIEM).

Day to day activities will include the operation of Jisc’s Security Operations Centre Service, including alert and support ticket triage, recognise the need to escalate, participation in incident handling duties as part of the Janet network CSIRT function, threat detection and analysis, using a range of Jisc-developed and commercial network and security related tools to gather intelligence, mitigate attacks and provide a SOC and incident response capability.

You will also provide an escalation point for the Security Analysts, supporting the Security Leads with Incident Management and with the ongoing development of security systems, helping to generate new mitigations and enhancing the internal security of Jisc to defend against future attacks more effectively. 

Responsibilities will include:

• As directed by the Security Leads, support the team's response to security incidents, ensuring that they are handled promptly and effectively to minimize damage and downtime.
• Alongside the Security Leads, take responsibility for managing and coordinating major cyber incidents to a successful conclusion
• To support the continuous monitoring of SOC customer IT infrastructure, networks, and systems for signs of suspicious or malicious activity. This includes the use of Security Information and Event Management (SIEM) and Endpoint Detect and Response (EDR) Network and DDoS tools.
• To take part in the development of incident response drills and exercises to improve processes and procedures and to define improvement to incident response metrics. 
• To continuously improve current internal services technologies to improve threat analytics and incident management.
• To assist in monitoring, detecting, and mitigating threats to our members via our Security Information and Event Management (SIEM) system Splunk ES.

Key Skills and Experience:

• Sound understanding of IT environments and common infrastructure including: Microsoft Stack (Azure, Active Directory), Virtualisation Platforms, Backup Systems & Cloud Platforms. Active Directory hardening knowledge.
• Operational knowledge and experience of incident response.
• Experience in a previous role as a point of escalation
• Clear understanding of SIEM solutions such as Splunk Enterprise Security.
• Experience of using Splunk solutions.
• Familiarity with a range of security tools and systems such as SIEMs, EDR’s SOAR, IDS, WAF, DLP and DDoS mitigation systems.
• Sound working knowledge of TCP/IP and other related Internet protocols.
• Able to communicate effectively with a range of security professionals and to simplify complex technical issues.
• Excellent customer service skills with a pragmatic approach to handling incidents.
• Able to communicate effectively with a range of security professionals and to simplify complex technical issues.

Don’t meet every single requirement?

We know that sometimes people can be put off applying for a job if they think they can’t tick every box, so we encourage you to apply even if you do not meet 100% of the requirements, but you feel this role is perfect for you. You may be just the right candidate for this or other roles!

Why work for us?

At Jisc, everyone plays a key role and gets the chance to feel part of it, that to us is the definition of a meaningful career. We want to create a culture of lifelong learning. You can look forward to a rewarding job with opportunities to develop and make a real difference to the education and research sectors.

We believe a balance between your personal and professional life is essential to your happiness and fulfilment. We work flexibly at Jisc and focus on outputs rather than presenteeism and are open to a whole range of ways of working.

It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. Our hybrid working policy is flexible, and the frequency of time spent in your nominated office will vary across teams and job roles.

Take a look at our fantastic benefits! We offer:

• Flexible work pattern, which can adapt to suit your schedules and personal commitments
• 31 days annual leave (plus bank holidays) that includes an additional three closure days over Christmas plus the opportunity to buy up to an additional 5 days
• Generous flexible pension schemes
• Protection benefit – life cover
• Annual Jisc performance award
• A range of wellbeing lifestyle benefits including company paid health care cash plan, employee assistance programme, mental health first aiders and support
• A generous budget to support you with external learning and continuous professional development
• Allocated allowance of up to £250 to equip your home office
• Financial well-being support including access to preferential loan and savings plans, mortgage advice, will writing tools and support and resources to help you make the most of your money
• The opportunity to donate to charity tax-free with our Payroll Giving benefit
• Electric Car Lease Scheme and option to purchase SmartTech – spreading the cost of your everyday white goods and technology
• A wide range of discounts from retailers and big-name high-street stores and CSSC membership
• Family friendly policies including enhanced parental, maternity and paternity leave and opportunity for career breaks
• Support your volunteering with up to 3 days volunteer leave
• Cycle to work scheme and eye care scheme including free eye test vouchers and £70 towards new glasses for VDU use
• Free flu vaccinations
• Employee recognition awards and travel loans
• A company culture which supports and promotes personal learning and development, including access to thousands of courses on LinkedIn Learning

Equity, diversity and inclusion:

At Jisc, we don’t look for ‘sameness’, but to truly include people who can add unique perspectives and experiences to our culture, and we are working hard to achieve progressive change. ‘Always inclusive’ is one of our six guiding principles which actively encourages us to bring our whole authentic selves to work. We believe that our commitment to equity, diversity and inclusion is fundamental to our success.

Jisc believes our people make all the difference in cultivating an inclusive culture that welcomes ideas, encourages innovation, and values belonging. We work with passionate colleagues to strengthen knowledge and awareness, provide learning and development opportunities, and foster multiple employee networks which create a sense of community and influence our policies and practice.

We work hard to create an equitable experience for our candidates and workforce which embraces all aspects of their identity including race and ethnicity, religion and belief, sex, gender identity, sexual orientation, trans identities, age, class, disability, neurodivergence, or veteran status.

Application process:

We want you to showcase your talent throughout the recruitment process. Please let us know how we can best support you to do that; for example, if there are any reasonable adjustments we may be able to put in place. We will be happy to help you.

Just so you know, we review CVs as soon as we can and aim to provide an update on your application within 4 weeks of receiving it.  However, you may hear from us a lot sooner, so please keep an eye out for our emails or calls! 

If you are currently a Jisc employee, please apply through your Dayforce Employee profile.

Jisc has an active sponsor licence to recruit on a Skilled worker visa basis. Candidates wishing to apply who require sponsorship should determine the likelihood of obtaining a Certificate of Sponsorship for the role by assessing their circumstances against the relevant Home Office criteria. Jisc does not offer any financial re-imbursement towards the applicant costs, such as re-location, skilled worker visa and dependant costs or the immigration health charge.

No agencies please.