Cyber Security Analyst
SNG (Sovereign Network Group) is one of the largest housing groups in England. We provide over 85,000 homes and invest in local areas across the South, West and East of England, including London, as well as building thousands of new low-cost homes every year.
We're seeking a Cyber Security Analyst to join our Digital, Technology & Data Analytics team within the CIO team in Wembley, working hybrid from home and the office 2 days per week.
This is an exciting opportunity to play a crucial role in safeguarding our organisation against cyber threats and ensuring the resilience of our digital infrastructure.
The role:
As a Cyber Security Analyst, you will support the improvement of organisational resilience by reducing the likelihood and impact of cyber incidents. Working closely with our external Security Operations Centre (SOC) provider, you will monitor security events, conduct initial triage of incidents, and contribute to the remediation of vulnerabilities across our systems, networks, applications, and data.
Key Responsibilities
- Monitor, investigate and respond to security events and alerts using SIEM platforms and other security tools, serving as an escalation point for complex incidents.
- Conduct in-depth investigations, threat hunting activities and root cause analysis to identify and mitigate security risks.
- Own and enhance security data ingestion, develop and maintain KQL queries, create analytics rules, and automate processes through playbooks.
- Drive vulnerability management and remediation initiatives across on-premises infrastructure and cloud environments.
- Support the administration, monitoring and optimisation of Palo Alto Next-Generation Firewalls (NGFW), ensuring effective perimeter security, threat prevention and secure remote access.
- Participate in an on-call rota for out-of-hours cyber incident response.
What We're Looking For
- A minimum of two years' experience in a Cyber Security Analyst or similar security-focused role.
- Strong understanding of cyber security principles, frameworks and industry best practices.
- Hands-on experience with SIEM and security operations platforms, particularly Microsoft Sentinel and Microsoft Defender XDR, alongside strong KQL skills.
- Proven ability to optimise log ingestion, develop analytics rules and improve asset visibility across complex environments.
- Good understanding of network security concepts, with practical experience of Palo Alto firewall technologies.
- Experience using Microsoft Intune to implement security baselines, compliance policies and Conditional Access controls.
- Experience with enterprise vulnerability management tools and a track record of driving remediation activities across infrastructure and cloud estates.
- Excellent communication, stakeholder engagement and technical documentation skills, with the ability to explain complex security issues clearly to both technical and non-technical audiences.