hackajob is partnering with OneAdvanced to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.
We are seeking a Security Operations Analyst to join our Cyber Security team and play a key role in protecting our organisation from evolving cyber threats. Working as part of a Security Operations Centre (SOC), you will monitor, detect, investigate, and respond to security incidents across our technology estate.
This role offers a strong opportunity for a technically curious professional with experience in cyber security monitoring, data loss prevention (DLP), automation, and an interest in applying Large Language Models (LLMs) within a cyber security context.
This is a hybrid role requiring just 2 days per month onsite in Birmingham, with participation in a 1-in-6 on-call rota working either 7:00am–3:30pm or 9:00am–5:30pm shifts.
You will play a key role in monitoring, investigating, and responding to cyber security threats, while helping to enhance our detection, automation, and data protection capabilities across the organisation.
Monitor and analyse security alerts from multiple tools, including Google SecOps, Microsoft Defender, and Forcepoint, escalating incidents where required
Carry out initial and intermediate investigations to assess the severity, scope, and impact of security incidents
Perform proactive threat hunting using telemetry and intelligence from SIEM, EDR, and threat intelligence feeds
Use automation platforms such as Microsoft Power Automate, Python, or scripting tools to improve investigation and response workflows
Assist in developing LLM-based workflows to support security automation use cases including alert enrichment, triage, and documentation
Support the configuration, monitoring, and continuous improvement of DLP policies across Microsoft Purview, email, and endpoint channels
Contribute to the creation and maintenance of incident response playbooks, procedures, and documentation in line with best practice
Work with asset owners to ensure the security tooling inventory remains accurate and effective
Maintain high-quality incident records and contribute to post-incident reviews to drive continuous improvement
Support wider cyber security initiatives to improve detection, visibility, and response across the organisation
You will bring hands-on experience in security operations and incident response, alongside strong technical, analytical, and communication skills, with a keen interest in automation and emerging technologies within cyber security.
Strong foundational experience in security monitoring, incident response, or threat analysis within a SOC or similar environment
Hands-on experience with SIEM platforms, ideally Google SecOps (Chronicle) or equivalent
Practical experience using automation tools such as Microsoft Power Automate, Python, or PowerShell
Awareness of how Large Language Models can be applied in cyber security, including prompt design, data sanitisation, and responsible AI use
Understanding of Data Loss Prevention principles, including policy creation, triage, and escalation
Familiarity with the Microsoft Defender security ecosystem is highly desirable
Strong analytical and problem-solving skills, with attention to detail and a continuous improvement mindset
Clear written and verbal communication skills, with the ability to document incidents and collaborate with technical and non-technical teams
Relevant certifications such as CompTIA Security+, Microsoft SC-200, or similar are beneficial but not essential
Wellbeing that means something
Financial benefits that have your back
Grow your career with us
Making a Difference
Plus plenty of other flexible benefits to suit your lifestyle on our RewardHub, including:
At OneAdvanced, we are at the forefront of delivering sector-focused technology solutions that simplify complexity, drive meaningful progress, and help build a fairer, more inclusive society.
We’re much more than a software company. We deliver SaaS workflow applications and IT services that power organisations across Education, Government, Healthcare, Legal, Manufacturing, Housing, Retail, and more.
OneAdvanced is one of the UK’s largest business software and services companies. We are based in Birmingham (The Mailbox) and operate across the UK, Ireland, India, and Australia.
Our secure, scalable platform, including OneAdvanced AI, our private AI service for UK organisations, powers connectivity and innovation across critical sectors. Alongside our software are our IT services, including hosting, managed services, and application modernisation.
We strive to create an inclusive workplace that drives innovation and collaboration, championing diverse perspectives and ideas. Our Environmental, Social and Governance (ESG) strategy is embedded in everything we do, guiding us to create meaningful impact for our people, our customers and the planet.
We are proud to be recognised in the Financial Times’ Best Employers 2026 list for the second year running, an independent, data-led ranking based on employee feedback. Join us and become part of a team that’s powering the world of work and making a real difference.
Learn more at www.oneadvanced.com