Join OneAdvanced
Cyber Security Operations Analyst (SOC)
Location: Hybrid, 2 days per month in BirminghamType: Permanent, Full Time
Working Pattern: On call one week in six (either 7:00-15:30, or 9:00-17:30)
We are seeking a Security Operations Analyst to join our Cyber Security team and play a key role in protecting our organisation from evolving cyber threats. Working as part of a Security Operations Centre (SOC), you will monitor, detect, investigate, and respond to security incidents across our technology estate.
This role offers a strong opportunity for a technically curious professional with experience in cyber security monitoring, data loss prevention (DLP), automation, and an interest in applying Large Language Models (LLMs) within a cyber security context.
What You Will Do
Monitor and analyse security alerts from multiple tools, including Google SecOps, Microsoft Defender, and Forcepoint, escalating incidents where required
Carry out initial and intermediate investigations to assess the severity, scope, and impact of security incidents
Perform proactive threat hunting using telemetry and intelligence from SIEM, EDR, and threat intelligence feeds
Use automation platforms such as Microsoft Power Automate, Python, or scripting tools to improve investigation and response workflows
Assist in developing LLM-based workflows to support security automation use cases including alert enrichment, triage, and documentation
Support the configuration, monitoring, and continuous improvement of DLP policies across Microsoft Purview, email, and endpoint channels
Contribute to the creation and maintenance of incident response playbooks, procedures, and documentation in line with best practice
Work with asset owners to ensure the security tooling inventory remains accurate and effective
Maintain high-quality incident records and contribute to post-incident reviews to drive continuous improvement
Support wider cyber security initiatives to improve detection, visibility, and response across the organisation
What You Will Have
Strong foundational experience in security monitoring, incident response, or threat analysis within a SOC or similar environment
Hands-on experience with SIEM platforms, ideally Google SecOps (Chronicle) or equivalent
Practical experience using automation tools such as Microsoft Power Automate, Python, or PowerShell
Awareness of how Large Language Models can be applied in cyber security, including prompt design, data sanitisation, and responsible AI use
Understanding of Data Loss Prevention principles, including policy creation, triage, and escalation
Familiarity with the Microsoft Defender security ecosystem is highly desirable
Strong analytical and problem-solving skills, with attention to detail and a continuous improvement mindset
Clear written and verbal communication skills, with the ability to document incidents and collaborate with technical and non-technical teams
Relevant certifications such as CompTIA Security+, Microsoft SC-200, or similar are beneficial but not essential
What We Do For You
Wellbeing that means something
- 26 days’ holiday + bank holidays (and the option to buy more) plus 1 paid volunteering day every year
- Exceptional family leave, 26 weeks fully paid maternity/adoption, 4 weeks fully paid paternity, 22 weeks fully paid shared parental leave, plus 5 days paid bereavement leave
- Robust sick pay of up to 13 weeks full pay + 13 weeks half pay
- 24/7 Employee Assistance Programme for confidential support
- Private medical insurance for everyone, no medical-history exclusions
Financial benefits that have your back
- Performance-based rewards tailored to your role, from company-wide bonuses to OTE and commission structures
- Income protection: up to 75% salary for 5 years if you ever need it
Grow your career with us
- SkillsHub learning platform with leadership pathways, future-manager training, and a huge online library
- Access to external training and apprenticeships
Making a Difference
- MatchIt! Fundraise for a cause close to your heart and OneAdvanced will match part of the funding
- Pennies from Heaven donate the pennies from your pay check to help make a difference without lifting a finger
Plus plenty other flexible benefits to suit your lifestyle on our RewardHub, including:
- ULEV car scheme with 1,000+ models
- Dental insurance, Health Cash Plan, Critical Illness Cover, Partner Life Cover
Who We Are
At OneAdvanced, we are at the forefront of delivering sector-focused technology solutions that simplify complexity, drive meaningful progress, and help build a fairer, more inclusive society. We’re much more than a software company. We deliver SaaS workflow applications and IT services that power organisations across Education, Government, Healthcare, Legal, Manufacturing, Housing, Retail, and more.
OneAdvanced is one of the UK’s largest business software and services companies. Based in Birmingham (The Mailbox), operating across the UK, Ireland, India, and Australia. Our secure, scalable platform, including OneAdvanced AI, our private AI service for UK organisations, powers connectivity and innovation across critical sectors. Alongside our software are our IT services, including hosting, managed services, and application modernisation.
We strive to create an inclusive workplace that drives innovation and collaboration, championing diverse perspectives and ideas. Our Environmental, Social and Governance (ESG) strategy is embedded in everything we do, guiding us to create meaningful impact for our people, our customers and the planet.
Join us and become part of a team that’s powering the world of work and making a real difference.
Learn more at www.oneadvanced.com