Met Office

Security Operations Centre Incident Responder / Senior Analyst – Level 3

Hybrid

Exeter, United Kingdom

Senior

Full Time

02-03-2026


Skills

Communication, Network Security, Threat Analysis, Incident Response, Malware Analysis, Forensics, Decision-making, Linux, Operating Systems, Windows, Analytics

Job Specifications

Exeter, South West England, EX1 3PB

Job Summary

We’re looking for an exceptional Security Operations Centre Incident Responder / Senior Analyst – Level 3 to help us make a difference to our planet.

The Security Operations Centre Incident Responder / Senior Analyst – Level 3 role may be suitable for hybrid working, where an employee works part of the week in the office and part of the week from home. This is a voluntary, non-contractual arrangement and the location advertised will be your contractual place of work.

Our opportunity is full time, 37 hours per week. Our people are at the heart of what we do, and we'll do our best to agree a working pattern that works for everyone.

World changing work

From science to technology, from meteorology to management, and from planning to communication, our expertise helps us stand out as the authority on weather accuracy and climate prediction. We help individuals, industries and government to make better decisions to stay safe and thrive. This is the Met Office. This is who we are.

We’re a force for good - focusing on our environmental and social impact
We’re experts by nature - always learning and developing to do things better
We live and breathe it - putting our purpose at the heart of decision-making
We’re better together - understanding partnerships and inclusivity make us greater
We keep evolving - pushing boundaries to make tomorrow better for our customers

Job Description

Your world of expertise

As our Security Operations Centre Incident Responder / Senior Analyst – Level 3 you won’t just respond to alerts, you’ll lead the defence of the organisation at the highest technical level. This is where expertise meets impact.

You will be the final escalation point for complex cyber threats, trusted to investigate sophisticated attacks, uncover hidden adversary behaviour, and drive rapid, effective response. From identity-based attacks and advanced persistent threats to insider risks, you’ll be working on the incidents that truly matter.

Your Key Duties:

Act as the final escalation point for complex, high-severity, and major security incidents.
Lead end-to-end incident response activities including triage, containment, eradication, and recovery.
Perform advanced threat analysis, including malware analysis and attacker techniques.
Conduct digital forensics across endpoints, networks, and cloud environments.
Lead threat hunting activities using intelligence, hypotheses, and behavioural analytics.

We operate an on-call roster in Technology to provide 24/7/365 support to respond to operational service requirements. This post may be part of an on-call roster and the postholder would be required to participate in an on-call roster where in operation.

Person specification

Essential Criteria, Skills And Experience:

An extensive knowledge of cyber security incident response principles and practices within a Security Operations Centre environment. Degree in Cyber Security, Information Technology, or equivalent experience. Ideally with advanced industry certifications such as: GIAC Certified Incident Handler (GCIH) and/or GIAC Certified Forensic Analyst (GCFA) (Expert by nature)
Strong understanding of network security, including packet analysis and intrusion detection including NDR tooling, and advanced knowledge of SIEM platforms (e.g., Microsoft Sentinel) along with deep expertise with EDR technologies (e.g., Microsoft Defender for Endpoint). Act as the technical lead during major incidents, liaising with senior stakeholders and maintaining strict confidentiality and integrity of sensitive information.
Deep knowledge of operating systems (Windows, Linux) and system internals alon

About the Company

The Met Office combines weather and climate science and data with expert insights to help government, businesses, emergency responders and the public to make informed decisions based on the weather and our changing climate. Everything we do is based on world-leading science and enhanced by the close working relationships we have with partners around the globe. We collect and make sense of massive amounts of data every day, using cutting-edge technology to deliver it into the hands of the people that need it, when it matters...