Job Title: Lead Threat Detection Analyst - Operational Technology (OT)
Location: Preston. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Referral Scheme Bonus: £2,000
Grade: GG11
You’re expected to have completed 12 months in role prior to applying for an advertised vacancy and you should also discuss the internal opportunity with your line manager to ensure sustained business continuity and to further support your career development.
We know there may be exceptional individual circumstances that impact this; in the first instance, please discuss this with your line manager.
If you don’t feel you can talk to your line manager, you can contact your HRBP.
PLEASE NOTE: Should you be invited for interview, you acknowledge that the Recruitment team will contact you and your line manager regarding your application for this opportunity.
What you’ll be doing:
Delivery of core triage function as part of protective monitoring services across a range of networks/services focusing on Operational Technology (OT)
Overseeing and contributing to the analysis and escalation of security threats and incidents identified on OT systems
Coordinate with Cyber Operations teams to respond to identified security threats and mitigate prior to impact
Lead the development of people, process and technology improvements to aid the service development
Provide subject matter advice on security analysis and development of detection content
Deputise for the Threat Detection Manager when required
Analyse requirements and advise on scope and options for continual operational improvement
Your skills and experiences:
Essential:
Experience of working within Security Operations or equivalent roles
Experience with Operational Technology environments
Demonstrable leadership in Operational Management
Experience in the application of relevant industry standard frameworks (MITRE ATT&CK/D3FEND/ENGAGE etc.) in an operational environment
A good level of knowledge and proficiency in the use of SIEM platforms, tools and analytical techniques
Innovative approach to analysing and solving problems
Desirable:
Industry recognised qualification (OSDA, GIAC etc.) or equivalent proven industry experience
Benefits:
As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive.
The Cyber Operations team:
Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us – who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.
Why BAE Systems?
This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity of thought, rewards integrity and merit, and where you’ll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
We welcome applications from all suitably qualified people, who are BAE Systems employees and have been in their current role for 12 months or longer.
Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.