Overview

The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC comprises Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the XDR Protective Monitoring Sub team.

Responsibilities

• Provide Tier 3 security analytics and incident response for service-specific security monitoring.
• Deputise for Security Lead (Analyst) in their absence.
• Act as an escalation point for Tier 2 Analysts for incidents and investigations.
• Offer mentorship and guidance to Tier 2 Analysts to support others and their own growth and development.
• Keep up to date with the latest security and technology developments, including researching and evaluating emerging cyber security threats and ways to manage them.
• Use advanced analytic tools including SIEMs and XDR to determine emerging threat patterns and vulnerabilities.
• Apply experience and knowledge to assist with investigations of triggered security alerts.
• Support with the development and automation of SOC processes, to mature the security monitoring service.
• Assist with the refinement of Use Cases and identification of areas for improvement of overall security posture.

Context and Purpose

The NHS England board has set the top-level purpose for the organisation, including enabling local systems and providers to improve health outcomes, making the NHS a great place to work, ensuring a capable healthcare workforce, optimising digital technology use, and delivering value for money.

Additional Information

• The post of Senior Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. The role attracts an additional monthly RRP payment equal to 20% per annum. RRP is non-contractual and subject to review.
• Colleagues with a contractual office base are expected to spend, on average, at least 40% of their time working in-person.
• Staff recruited from outside the NHS will usually be appointed at the bottom of the pay band.
• Inter Authority Transfer (IAT) will be run in ESR if successful at interview; onboarding information from a previous or current NHS employer may be gathered.
• Please ensure your supporting statement includes demonstrable evidence and specific examples on how you meet the criteria for each of the key skills specified.
• Residency and security requirements: All NHS England Cyber Security personnel must hold Security Clearance level as a minimum. SC clearances require 5 years continuous UK residency, with possible reduction to three years in certain cases with additional overseas checks. If you cannot meet SC requirements after offer, the job offer may be withdrawn. For guidance, see the national security vetting guidance linked in the original advert.
• Job title on hire will be Senior Security Analyst; this job title is advertised to attract the right skills for the role. The fixed-term contract is for a short-term vacancy.
• Details about the role and requirements are provided in the attached Job Description and supporting documents. Secondments from NHS staff are on a secondment basis only, subject to employer agreement.
• Advert closes on Thursday 11 Sep 2025.

If you would like to know more or require further information, please visit https://www.england.nhs.uk/.