SOC Security Analyst

Location: Salford Quays, M5 3TT (Hybrid working)

Contract Type: Full Time


The Team

The Security Operations and Response Department Identifies, detects and investigates security threats affecting corporate and customer platforms gathered from disparate sources, including from cyber threat sensors and threat intelligence data.
The team will Implement containment, eradication, recovery, forensic and post incident measures commensurate with the threat to business operations and will coordinate and escalate response partners as appropriate.


  • 3 Years+ Infra/Network/Security experience
  • 2 Years+ SOC Analyst experience
  • Understanding of Cyber Security Principles
  • Understanding of SIEM
  • Experience of, DLP, WAF, IPS, Web Proxy techs
  • Experience of threat hunting
  • Ability to obtain & hold security clearance

Some of the key responsibilities will include but not be limited to:

Work as part of a 24*7 SOC Shift team.

  • Develop and maintain incident response playbooks for common threat and incident types, ensuring that colleagues are formally kept aware of any changes.
  • Triage and manage Security Events and Incidents reported by both internal and external sources through their lifecycle, from identification through to mitigation, within defined SLA's.
  • Support Security Incident Managers and other members of the Security team in the handling of major Security Incidents.
  • Proactively hunting for threats through analysis and correlation of event and flow data from a variety of sources.
  • Engage and escalate Security Incidents to TalkTalk resolver groups and third parties as appropriate.
  • Identify and drive continual monitoring and response improvements, including use case, content and playbooks, that will lead to a reduction in Mean Time To Detect (MTTD) and Mean Time to Respond (MTTR) metrics.
  • Perform root cause analysis of P3 & P4 incidents and drive resolution of contributing factors with Resolver groups and Business Stakeholders.
  • Manage, monitor and maintain Security Operations managed Security Controls such as SIEM, DLP, SWG and WAF appliances.
  • Handle incoming Security Service Requests & Queries on behalf of the wider Security team
  • Ensure that personal and colleague Information Security knowledge is always current and up to date with latest threats and mitigation actions.
  • Contribute to Daily Security Incident calls.
  • Produce and deliver daily and weekly metrics and reports. 

Be great to also have the following experience:

  • Relevant security qualification or degree
  • Responsibility for managing security technologies
  • Working in a Network Support function

As a recognised Top 50 Inclusive Employer in the UK, we know that diversity means success and innovation. We want our workplace to reflect the communities and customer we serve. Being inclusive is part of our DNA; we are all 100% human, and we create a culture where you can truly be yourself.

We’re also not your usual 9-5. We are a dynamic workplace and we want to talk to you about how you like to work.


  • My Wellbeing

    We want you to feel good at work — and not just because you’re doing great things for our customers. We run lots of wellbeing initiatives throughout the year.

  • My Products

    We offer all of our people free TalkTalk Fibre, TV and Phone (you’ll be helping us make them what they are, so it’s only fair that you get to enjoy them).

  • My Flexibility

    We all lead different lives and like to work differently, so whether it's working from home or starting and finishing your day later, we’ll give you the flexibility you need to do your best work.

  • My Benefits

    Think company pension scheme, private medical insurance, income protection and life assurance, plus all sorts of other benefits designed to make your life easier.


SOC Security Analyst

Location: Salford Quays, M5 3TT

Contract Type: Full Time