Senior Cyber Security Analyst

As a Senior Cyber Security Analyst
, you will be responsible for maintaining and continually improving Security Operations (Sec Ops) solutions, controls, and processes across Thames Water. Working closely with the SOC, third-party MSSPs, and a wide range of Digital and business stakeholders, you will help ensure security incidents are identified, prioritised, and remediated effectively.

This role plays a key part in strengthening Thames Water’s cyber resilience by combining strong technical expertise with clear communication, structured incident management, and a risk‑based approach to security. You will mentor SOC analysts, support incident readiness and response, and drive continuous improvement across Sec Ops capabilities to protect services critical to our customers and operations.

• Investigate and respond to security alerts from SIEM platforms and third‑party MSSPs, ensuring appropriate and timely incident response actions.
• Liaise with technology and business stakeholders during cyber security incidents, providing clear explanations of risks, impacts, and required actions.
• Support the Cyber Security Operations Lead during security and privacy incidents, including triage, coordination and root cause analysis.
• Act as a key escalation point for the SOC and Thames Water Digital teams.
• Participate in a 24x7x365 on‑call rota, supporting out‑of‑hours incident investigations alongside a third‑party MSSP.
• Monitor, analyse and optimise the performance of Sec Ops tooling (e.g. SIEM, PAM), recommending and implementing improvements.
• Develop, maintain and improve Sec Ops documentation, processes, policies and procedures.
• Collaborate with stakeholders to understand business requirements and implement proportionate, risk‑based security controls.
• Maintain and integrate cyber security solutions across existing systems, applications and infrastructure.
• Evaluate and recommend new security technologies, tools and vendors aligned to business needs.
• Perform proactive threat hunting to identify emerging threats and vulnerabilities across the technology estate.
• Collect and analyse data to support cyber security metrics, dashboards and reporting.
• Support compliance with industry standards and regulations such as GDPR, NIS and ISO 27001.
• Stay current with industry trends, emerging threats and best practices to continually enhance security operations.

Base location – Hybrid – Clearwater Court, Reading.

Working pattern – 36 hours Monday to Friday (with on‑call rota participation).

• Experience in a technical cyber security role within an enterprise environment.
• Experience working in, or closely with, a Security Operations Centre (SOC).
• Strong analytical and problem‑solving skills with the ability to triage and manage incidents in a structured manner.
• Experience working with third‑party delivery partners and MSSPs.
• A risk‑based mindset, with experience identifying, assessing and remediating cyber risks in dynamic environments.
• Strong communication skills, including the ability to explain complex security issues to non‑technical audiences.
• Good planning, organisation and decision‑making capabilities, with a focus on continuous improvement.

• Strong understanding of IT infrastructure, networking and end‑user computing.
• Hands‑on experience configuring and troubleshooting MFA, Privileged Access Management (PAM) and SIEM platforms.
• Proficiency with Microsoft security operations tools, particularly Microsoft Sentinel.
• Experience writing and tuning Kusto Query Language (KQL) queries and alerts.
• Familiarity with Sec Ops technologies such as SOAR, EDR/XDR and identity and access management solutions.
• Ability to monitor, tune and optimise security controls to reduce alert noise and improve response times.

• Familiarity with network security technologies such as NAC, firewalls, proxies/VPNs, IDS/IPS and related controls.
• Experience mentoring or supporting analysts within a SOC or operational security team.
• Degree in Cyber Security, Computer Science, Information Technology, Engineering or a related…