×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Network Security Security Manager

Cyber Security Analyst

Remote / Online - Candidates ideally in
Bristol, Bristol County, BS1, England, UK
Listing for: Leonardo
Remote/Work from Home position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Network Security, Security Manager
Salary/Wage Range or Industry Benchmark: 60000 - 80000 GBP Yearly GBP 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Overview

We re looking for a Cyber Security Analyst to join the ARCHANGEL™ Protective Monitoring (Pro Mon) Team. ARCHANGEL™ delivers specialist technical cyber security services to a range of clients across industries including construction, government, defence and aerospace. The ARCHANGEL™ Pro Mon Team sits within the Bristol Service Operations Centre (SOC) and is responsible for providing thorough initial investigation into anomalous network activity that may lead to potential security incidents.

Beyond ARCHANGEL™, Leonardo and its Cyber Security division are a world leader in safety-through-technology, providing tailored solutions for customers in public administration, public safety and security, critical infrastructure, services, transport, post and logistics. You will be joining our highly skilled team at our Bristol site. This is a great opportunity to bring your talents and form an integral part of Leonardo s future.

We can help you develop your skills and offer great opportunities to develop and grow, so why not join us!

Leonardo is committed to designing policies and developing a working environment that promote the benefits and well-being of all our employees, helping you achieve balance between work and life.

Responsibilities
  • Provide monitoring, alerting and incident handling services within the SOC in line with SLAs and within the 24/7/365 shift pattern
  • Act as the initial analytical reference point for identifying and quantifying the nature and extent of security incidents and offer initial professional advice relating to possible business impact to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
  • Advise on incident containment measures through recommended initial actions to customers in collaboration with the Incident Response (IR) Team
  • Provide advice relating to potential mitigation measures to prevent or limit future recurrence in collaboration with the IR Team
  • Have an understanding of Incident Response, Cyber Kill Chain, Threat Modelling and pertinent Attack Vectors
  • Collaborate with the team to create pertinent Playbooks, Use Cases, etc.
  • Perform proactive analysis across client networks by staying abreast of current threats and trends
  • Develop and maintain a credible knowledge of current and emerging threats likely to affect the integrity of the managed service you are protecting
  • Review recurring false positive firings and assist in tuning SIEM and IDS rules to reduce false positives and maintain good security alerting
  • Ensure all operational incidents, on-going tickets and relevant information are handed over to the oncoming shift using the shift handover process and documentation (HOTO)
  • When required, assist in the creation of reporting for management and clients on security incidents and threat intelligence trends
What You’ll Bring
  • Be able to excellently communicate at all levels; working with customers is a must, so be able to explain what s going on
  • Experience in Cyber Security, e.g. Protective Monitoring, Incident Response, Security Engineering
  • SIEM (Log Rhythm, Arc Sight, Splunk, etc) & IDS (Snort) experience
  • Sound knowledge of IT security best practice, common attack types and detection/prevention methods
  • Experience analysing and interpreting system, security and application logs to diagnose faults and spot abnormal behaviours
  • Strong organisational skills and attention to detail
  • Ability to work independently and as part of a team
  • Highly motivated with the aptitude to learn new skills
  • Ability to work within a Hybrid Remote Working shift pattern covering 24/7/365 operations
  • Occasional travel may be required
These Additional Skills Will Also Help
  • SANS SEC 503 Intrusion Detection in Depth or equivalent
  • SANS SEC 504 Incident Handling, Hacker Tools and Techniques or equivalent
  • SANS SEC 508 Advanced Incident Response, Threat Hunting, and Digital Forensics or equivalent
  • SANS SEC 511 Continuous Monitoring and Security Operations or equivalent
  • Exposure to IT service management best practices such as ITIL
  • Knowledge of standards & guidelines such as ISO
    27001, GDPR principles and GPG-13
  • Threat Intelligence experience
  • Report Writing

This is not an exhaustive list, and we are keen to hear from you…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search