CrawlJobs Logo

Lead Cyber Operations Analyst

United Kingdom, Knutsford · Job Posted April 11, 2026
Apply Position
Job Link Share

Job Description

Join us at Barclays as a Lead Cyber Operations Analyst, where you’ll play a key role in strengthening our cyber containment capabilities and supporting our transition to a more advanced Cyber Operations model. In this senior role, you’ll coordinate complex bank‑wide activities, guide critical testing efforts, and help protect the organisation against an evolving threat landscape, including participating in on‑call support.

Job Responsibility

  • Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage
  • Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise
  • Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats
  • Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network
  • Management of cyber security incidents including remediation & driving to closure

Requirements

  • Strong hands‑on experience in Cyber Security Incident Response or Cyber Operations
  • Deep technical expertise in one or more IR‑relevant domains (e.g. SOC operations, malware analysis, endpoint detection, network security, cloud security)
  • Proven ability to operate calmly and decisively in high‑pressure, time‑critical situations
  • Good knowledge of security toolsets
  • Prior experience with scripting languages & proficiency in data analysis
  • Excellent inter-personal skills with experience of briefing, de-briefing and presenting to senior executives and having effective listening skills
  • Strong understanding of cyber risk, controls, and security governance
  • Excellent written and verbal communication skills

Nice to have

  • Familiarity with Financial Services regulatory landscape and related compliance issues
  • Proficiency in SIEM technologies & usability in a Large & Complex Computing Environment
  • Analysis and response of detected security incidents, timely escalation and drive to ensure the closure of incidents
  • Incident Response skills including proficiency in PCAP Capture, Network Analysis, and Traffic Patterns

What we offer

  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Lead Cyber Operations Analyst

8 matching positions

DFIR Lead Cyber Operations Analyst

Join us as a DFIR Lead Cyber Operations Analyst, at Barclays, we don't just adap...
Location
Location
India , Pune
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Forensic techniques applied to incident response: practical experience applying forensic techniques across common enterprise data sources (files, operating systems, network traffic, and applications) to support incident investigation and troubleshooting
  • Expert log and artefact analysis (multi‑source): ability to collect, examine, and analyse data from multiple sources (e.g., logs, artefacts, indicators of compromise) and perform pivoted analysis across aggregated logs and digital forensic data to define and contextualise incident scope
  • Advanced incident investigation and response capability: proven ability to analyse and respond to high‑priority security incidents, including timely escalation and driving incidents to closure
  • Technical depth across OS and networking: strong working knowledge of operating system fundamentals and security concepts, plus networking principles sufficient to interpret incident artefacts and investigative hypotheses
  • Coaching / guidance of junior analysts: capability to provide guidance and support to T1/T2 analysts on escalated events requiring subject matter expertise
Job Responsibility
Job Responsibility
  • Support the organisation achieve its strategic objectives by the identification of business requirements and solutions that address business problems and opportunities
  • Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage
  • Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise
  • Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats
  • Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network
  • Management of cyber security incidents including remediation & driving to closure
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Cyber Security Lead-Cyber Security Analyst

Role Overview L3 Cybersecurity Operations Coordinator acting as a CSIRT/SOC rel...
Location
Location
India , Noida
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Engineering graduate - preferably B.E. /B tech in I.T or Computer Engineering
  • SC-200: Microsoft Security Operations Analyst
  • BLT1: Blue Team Level 1
  • GCIH or GCFE/GCFA (or equivalent to IR credential)
  • Total Experience Expected: 08-10 years
  • SOC / CDOC Operations
  • CSIRT Coordination
  • Incident Response (L3 / Advanced)
  • Cyber Incident Management & Escalation
  • Threat Mitigation & Remediation
Job Responsibility
Job Responsibility
  • Act as primary cybersecurity contact for local sites
  • Coordinate with global SOC/CDOC teams for operational alignment
  • Ensure proximity-based support for critical assets and business priorities
  • Handle L3 incident escalation and complex case coordination
  • Lead incident triage, mitigation tracking, and remediation follow-up
  • Support end-to-end incident lifecycle (detection → containment → recovery)
  • Manage critical and non-standard cybersecurity incidents
  • Lead containment, threat eradication, and system restoration
  • Validate secure remediation and recovery actions
  • Support CSIRT-led crisis management during major cyber incidents
  • Fulltime
Read More
Arrow Right

Senior Cyber Operations Analyst

Join us as a Cyber Operations at Barclays, responsible for supporting the succes...
Location
Location
India , Pune
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency in Develop and maintain audit documentation and reports
  • Proficiency in SIEM technologies & usability in a Large & Complex Computing Environment
  • Analysis and response of detected security incidents, timely escalation and drive to ensure the closure of incidents
  • Knowledge of auditing standards and frameworks (e.g., CSF, Mitre Att£ck & Detection Lifecycle Management)
  • Incident Response skills including proficiency in PCAP Capture, Network Analysis, and Traffic Patterns
  • Identify attacks and malware (Trojans, Ransomware, etc.) analysing event data generated from proxy, endpoints, IDS, MPS, network devices etc.
Job Responsibility
Job Responsibility
  • Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage
  • Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise
  • Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats
  • Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network
  • Management of cyber security incidents including remediation & driving to closure
  • To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness
  • Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function
  • Consult on complex issues
  • providing advice to People Leaders to support the resolution of escalated issues
  • Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Cyber Security Operations Lead

Morgan Sindall Group are looking for a Cyber Security Operations Lead role, to s...
Location
Location
United Kingdom , Coventry
Salary
Salary:
Not provided
morgansindall.com Logo
Morgan Sindall Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A minimum of 3 A levels or equivalent education (e.g. C&G, HND / HNC)
  • Good written and spoken English
  • Evidence of interest in Information Technology, Information Security or Data Protection
Job Responsibility
Job Responsibility
  • Oversee day-to-day security operations
  • Supervision and support of Operations analysts
  • Triage and remediation of incidents
  • Threat hunting
  • Performing scheduled checks
  • Assisting with user queries
  • Monitoring and maintaining our security controls
  • Own the operational relationship with our outsourced Security Operations Centre
  • Work with the Engineering function of the team to onboard and run new security controls
  • Develop and maintain an appropriate set of reporting metrics
  • Fulltime
Read More
Arrow Right

SOC Lead - Cyber Security Operations

We are seeking an experienced SOC Lead to head Vodafone’s Security Operations Ce...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years in security operations, including at least 4+ years in a SOC leadership or senior incident response role
  • Proven leader of 24x7 SOC teams, with a strong track record of improving MTTT/MTTR, triage quality, and operational performance
  • Technical authority in incident response, capable of leading complex investigations and making sound decisions under pressure
  • Highly experienced with SIEM platforms such as Splunk, Microsoft Sentinel, Google SecOps, ArcSight, or QRadar, and familiar with EDR/NDR technologies
  • Skilled in driving SOC automation, SOAR, and AI-enabled capabilities, with a clear understanding of governance and responsible use
  • Knowledgeable across network, endpoint, and cloud security, with a strong grasp of attacker techniques and the MITRE ATT&CK framework
  • Analytical decision-maker who balances risk, speed, and business impact in ambiguous situations
  • Passionate about developing people and building sustainable SOC capability for the future
  • Educated to degree level in Cyber Security, Computer Science, Information Technology, or a related discipline (or equivalent practical experience)
  • Holder of relevant certifications such as GIAC, CISSP, or vendor-specific SOC certifications
Job Responsibility
Job Responsibility
  • Lead and manage 24x7 SOC operations, ensuring consistent, high-quality alert monitoring, triage, and incident response across all markets
  • Own and drive SOC service performance against key KPIs including MTTT, MTTR, triage quality, and SLA adherence, delivering measurable improvements in detection quality, response speed, and efficiency
  • Oversee the full alert lifecycle, ensuring accurate investigation, containment, escalation, and high-quality incident reporting
  • Continuously enhance detection capabilities by improving SIEM use cases, alert logic, and playbooks, reducing false positives and increasing coverage across priority threat scenarios
  • Drive the adoption of automation, SOAR, and AI-assisted capabilities to improve speed, consistency, and scalability, with appropriate governance and human oversight
  • Lead SOC transformation initiatives focused on reducing alert fatigue, streamlining workflows, and improving analyst productivity
  • Build, coach, and develop a high-performing SOC team through structured capability development, performance management, and knowledge sharing
  • Act as the final escalation point for complex or high-risk incidents, applying expert judgement to validate and close cases
  • Deliver clear, data-driven SOC performance and incident reporting to senior leadership
  • Foster a culture of continuous improvement through post-incident reviews, detection retrospectives, and operational learning
What we offer
What we offer
  • The opportunity to lead a globally impactful SOC function within a recognised Cyber Defence Centre of Excellence
  • Exposure to large-scale, complex cyber defence operations across multiple international markets
  • The chance to shape and influence the future of SOC operations through automation and AI-driven transformation
  • A collaborative, inclusive environment that supports professional growth and continuous learning
  • The ability to work with advanced security technologies and experienced cyber defence professionals
  • Fulltime
Read More
Arrow Right

Sr. Cyber Detection Incident Analyst - Security Operations

As a Cyber Detection Incident Analyst on GM’s Security Operations team, you will...
Location
Location
United States , Warren
Salary
Salary:
Not provided
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, Information Systems, or equivalent experience
  • 5+ years of experience in cybersecurity with a focus on detection engineering, security operations, incident response, intrusion detection, or security event analysis
  • Strong analytical and investigative skills with the ability to interpret complex datasets and communicate findings effectively
  • Ability to create tactical scripts (Python, PowerShell, KQL, Bash, etc.) to supplement investigative workflows and enrich detections
  • Experience with network security monitoring (IDS, packet capture, flow analysis) and proper techniques for identifying and responding to security events
  • Experience detecting threats in cloud environments (Azure, AWS, GCP) and using cloud-native detection tooling
  • Strong collaboration and communication skills with focus on cross-team partnerships
  • Demonstrated ability to mentor other analysts, contribute to team development, and work effectively in a collaborative team environment
  • Deep knowledge of SIEM technologies, log‑centric analytics, and correlation logic
  • Deep knowledge of EDR platforms and behavioral-based detection methodologies
Job Responsibility
Job Responsibility
  • Conduct expert-level triage and deep-dive analysis of security events using EDR, NDR, identity telemetry, application logs, SIEM analytics, SOAR workflows, and cloud-native security tools
  • Lead incident escalation workflows and collaborate with the Incident Response and other partner teams drive timely containment and resolution of security threats
  • Perform proactive threat hunting across endpoints, networks, identity systems, cloud platforms (Azure, AWS, GCP), and SaaS environments using threat intelligence, behavioral analytics, and TTP/IOC research
  • Correlate telemetry across diverse systems to identify sophisticated attack patterns
  • Apply strong understanding of OS internals, cloud architectures, networking, authentication protocols, and adversary tradecraft to assess risk, determine impact, and drive escalation decisions
  • Integrate threat intelligence (IOCs, behavioral patterns, ATT&CK-aligned TTPs) into detection logic, use cases, and hunt strategies
  • Develop, tune, and maintain high-efficacy detections across: SIEM : correlation rules, anomaly detection, enrichment logic
  • EDR/XDR : behavioral detections, process analytics, custom rules
  • NDR : network anomaly detection, lateral movement patterns
  • SOAR : automation workflows, enrichment routines
What we offer
What we offer
  • Relocation benefits may be eligible
  • Fulltime
Read More
Arrow Right

Cyber / Tech 2nd LOD Senior Lead Analyst, Senior Vice President

The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi...
Location
Location
Poland , Warsaw
Salary
Salary:
340990.00 - 580610.00 PLN / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in technology and cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed, and diverse organizations
  • Advanced knowledge and experience leading control design and operating effectiveness evaluation, testing, and reporting with a track record of influencing effective risk mitigation strategies
  • Excellent presentation skills as well as the ability to effectively communicate complex topics to a broad audience
  • Advanced proficiency in creating written executive materials and mastery in verbal presentation to Executive audiences
  • Outstanding communication and influencing skills, with the ability connect with individuals throughout all levels of the organization and with external partners and vendors
  • Exceptional relationship management skills, including demonstrable experience managing through conflict and issue resolution with senior stakeholders
  • Proven ability to work within teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology / cyber risk insights to value-add risk mitigation solutions
  • Subject matter expert in one or more industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of technology and cyber risk mitigation strategies
  • Deep knowledge of products within the coverage area (e.g, Markets, Banking), including a technical understanding of current and emerging trends as well as the ability to apply in-depth understanding of the business impacts of technical contributions
  • In-depth knowledge of technology and cyber risks and controls across various information system architecture and engineering domains including data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management
Job Responsibility
Job Responsibility
  • Manages internal projects on threat issues that support a variety of participants and stakeholders measuring the effectiveness and comprehensiveness of Citi’s first line defenses
  • Establishes and oversees the application of compliance and technology and cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology and cyber risks
  • Independently assesses technology and cyber risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices
  • Leads independent assurance activities to assess areas of concern including substantive and controls testing
  • Monitors, evaluates, and challenges Key Risks and associated Key Risk Indicators triggers and thresholds
  • Identifies potential risks associated with program/project delivery on a technical and detailed level
  • Leads various second line of defense technology and cyber assessments including risk assessments, control assessments, maturity assessments etc
  • Assesses technology and cyber risks associated with new initiatives and programs being proposed for implementation
  • Challenges the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the technology and cyber risk appetite
  • Executes ad-hoc activities for the TCCORO organization, including but not limited to: researching and producing materials for presentations of deep dives into selected topics, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting
What we offer
What we offer
  • Employer paid Defined Contribution Pension Plan contribution of 6% of employee’s pensionable earnings (PPE Program)
  • Employer paid Private Medical Care Package for employees and Private Medical Care Packages for certain family members available at preferential rates
  • Employer paid Life Insurance Program for employees and Life Insurance for certain family members available at preferential rates
  • Employee Assistance Program financed by Employer
  • Paid Parental Leave Program (maternity and paternity leave
  • statutory and 2 weeks additional paid paternity leave)
  • Sport Card for employees subsidised via Social Benefits Fund and Sport Cards for certain family members available at preferential rates
  • Additional benefits from Company’s Social Benefit Fund, in particular: Holidays Allowance, support for sport and cultural activities, team building events
  • Additional day off for volunteering
  • Cafeteria/ flex benefit
  • Fulltime
Read More
Arrow Right

Operations Analyst – System Operations

The Operations Analyst – System Operations provides technical and functional rep...
Location
Location
United States , Tucker
Salary
Salary:
65200.00 - 135200.00 USD / Year
gasoc.com Logo
Georgia System Operations
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Business, Computer Science, Information Systems, Engineering, or a related field
  • Strong knowledge of Microsoft Office applications
  • Power/Electric Utility industry experience not required but beneficial
  • Strong background in energy systems, utility data analytics, or SCADA integration is highly preferred
  • BESCA Certification Required - Bulk Electric System Cyber Authorized
  • Proficiency in project management, and business process/reporting improvement
  • Strong Experience with Microsoft Office Suite
  • Familiar with project management tools, documentation standards, and reporting practices
  • In-depth understanding of data and program security best practices
  • Hands-on experience with security tools and compliance requirements
Job Responsibility
Job Responsibility
  • Governance, Compliance & Policy Leadership (30%): Reporting in support of safe, reliable and regulatory compliant system operations
  • Leading the development and maintenance of critical operational policies and documents
  • Providing training to Associates and Members
  • Ensuring work products meet NERC/FERC or internal standards
  • Operational Systems & Data Integrity (20%): Ensuring the source of truth is accurate
  • Research, development, testing, and ongoing administration of systems that support library and documentation science for Systems Operations/Power Delivery
  • Resource Coordination & Real-Time Support (15%): Coordinating and directing the necessary human and technical resources to address immediate operational reporting needs, reporting requirements, and compliance activities
  • Project Management & Performance Monitoring (20%): Monitoring processes, supporting operational reporting readiness, and managing projects from inception to completion
  • Interacting with management/executive levels regarding project status and operational health
  • Strategic Analysis & Administrative Leadership (15%): Performing event analysis, interacting with leaders/executives on results, and serving as a functional backup for leadership
What we offer
What we offer
  • Comprehensive medical, dental, and vision coverage
  • Strong retirement program
  • Career development
  • Flexible work schedules
  • Focus on wellness
  • Fulltime
Read More
Arrow Right