Applications for this job have closed. This page will redirect to SSE plc employer page in 10 seconds.

IT Security Analyst – Threat Detection & Response (TDR)

SSE plc

Location: Cardiff, Portsmouth, Reading

Job Type: Full time


SSE has big ambitions to be a leading energy company in a low carbon world. Following our commitment to invest £18 billion in low carbon projects to 2027, we have significant growth plans and are well on our way to achieving our ambition to build a world that's more sustainable and inclusive for you, your family, the community you live in and for generations to come.

Join us on our journey to net zero and help us power change.

About the Role 

Base Location: Havant, Reading, Cardiff

Salary: £55,573 - £63,643 and a range of benefits to support your finances, wellbeing and family.

If you don’t have the level of skills or experience required, we may be able to offer a lower grade role.

Working Pattern: Permanent | Full Time | Flexible First options available

Candidates for this role will be required to obtain vetting to SC level through UK Government. The criteria normally includes 5 years UK residency, further information can be found here: United Kingdom Security Vetting: Applicant - GOV.UK (

As the SSE Cyber Incident Response Analyst, you’ll be responsible for managing Cyber Security incidents and threats to much of the UK’s Critical National Energy Infrastructure. We also have increasing global investments which need to be protected to the same levels.

You'll actively be looking for vulnerabilities and identifying potential threats; both within the corporate environment and externally.

Incident Response

- Leading Cyber Security investigations to provide post-mortem analysis to illuminate issues and possible solutions.

- Development and optimisation of the security tooling to ensure effective discovery of suspicious activity.

- Leading security incident management and participate in problem and change management forums where required.

- Engineering and Continuous Improvement.

- In conjunction with the inhouse Threat Intelligence team and external agencies, research and investigate attack techniques to develop detection analytics to defend against them.

- Discover and identify misconfigurations or coverage gaps in existing controls.

- Follow up on deficiencies identified in reviews to ensure that appropriate remediation measures have been taken.

- Report risks using the defined escalation processes.

What do I need?

To be considered for this role, we would love you to have:

- Inquisitive mindset and attention to detail.

- Significant work experience managing incidents.

- Knowledge of automation and scripting.

- In depth knowledge of Infrastructure, cloud, networking and common operating systems.

- Good written, interpersonal and analytical skills, able to negotiate successful outcomes with all levels of the organisation.

- You'll need a high level of technical skills and your day-to-day workload will typically include the management and analysis of Cyber Security events, escalation and remediation as required.

- Strong familiarity with Cyber Security standards and frameworks (eg. NIST, ISO27001).

- Awareness of Operational Technology Security.

About our Business

SSE IT underpins the technology needs of all the different businesses that make up the SSE group. From emerging technologies to data and analytics to cyber security - we power SSE's growth and enable it to generate value, while keeping it secure. As a trusted business partner that helps SSE lead in a low carbon world, we are proud of our service. Working for SSE IT is all about equipping SSE for now and the future.

What's in it for you?

We offer an excellent package with 34 days annual leave entitlement. Enhanced maternity/paternity leave, discounted healthcare, salary sacrifice car leasing and much more, view our full benefits package on our careers site.

As an equal opportunity employer we encourage diversity and are committed to creating an inclusive environment for all employees. We encourage applicants from all protected characteristics and commit to providing any reasonable adjustments you need during the application, assessment and upon joining SSE. Search for 'Inclusion & Diversity at SSE' to find out more.

Further actions

All applications should be made online, and I'll be back in touch after the vacancy closing date to let you know the outcome.

If you would like to discuss any working flexibly requirements or adjustments you may require throughout the recruitment and selection process, please contact / 01738 275846.

Before commencing your role with SSE, you'll need to complete our pre-employment screening process. This will consist of a criminality and credit check.