Cyber Security Analyst, SOC Incident Triage

Job Type: IT
Location: Bracknell Campus
Partnership Level: 8
Closing Date: 30/01/2022
Vacancy Type: Permanent
Salary: £36,500.00 - £50,600.00
Salary Frequency: Annual
Hours of Work: 35


What’s the role about?

The John Lewis Partnership’s Cyber Security strategy is bold and ambitious. We provide a collection of security services, delivered through people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day. 

The key purpose of the Cyber Security Incident Response team is to protect John Lewis Partnership data and systems by proactively detecting and responding to cyber security threats. We are the front line of cyber defence: monitoring and assessing cases, correlating observables, mitigating and defending against malicious cyber activity and adapting to an ever-changing threat landscape. We constantly engage with key stakeholders from across the business, third parties and our customers.

If you’re passionate about cyber security, if you thrive and perform in fast-paced, high-demand scenarios, and if you want to make a real difference at the UK’s largest co-owned retailer, then this role is for you.

What you’ll be doing:

As the Partnership’s Cyber Security SOC Triage Analyst for our Incident Response Service, you will be responsible for first-line support for any security alerts or queries and for engaging with our key stakeholders to inform or escalate. You will use your attention to detail to accurately log and prioritise incidents, and your technical problem-solving skills to resolve basic incidents. You’ll also assist with the development of use cases, playbooks, policies and custom tooling by providing feedback or recommendations to improve our security maturity where any security service is deemed to be lacking.

It’s a fantastic opportunity to get hands-on with many market-leading security tools and to be empowered to innovate alongside a supportive, collaborative and social team of security experts, and you’ll have the opportunity to grow and develop your cyber security career.

What you’ll have:

  • A demonstrable broad IT knowledge gained through working within a technical IT department or helpdesk.

  • A proven ability to work under pressure in a fast-paced environment and to succeed in ambiguity.

  • A strong attention to detail with an analytical mindset and a solution-focused approach to problem solving.

  • Excellent verbal and written communication skills with demonstrable experience of communicating with both internal and external stakeholders / service providers along with the ability to write or present actionable intelligence derived from raw data.

  • A foundational understanding of security controls and cyber attack types.

What else you could bring:

  • Expertise across any of the following: Google Scripts, ServiceNow, JIRA, Splunk or Security Event Logging.

  • Experience in creating BAU runbooks, use-case definitions and operating procedures.

  • Experience in cyber security incident detection, response and resolution.

  • Experience of working within a service management framework, such as NIST or ITIL.

  • Relevant technical qualifications, such as CompTIA Security+, CompTIA Network+ or equivalent.

Why do our Cyber Security Partners love working for us?

"We have a friendly team culture where everyone is keen to develop their skills and support those around them. I've been given great opportunities to further my career. The work we do is challenging and varied, and it's really satisfying to be part of a team that's integral to protecting our customers and Partners." - Laurence Jeffcoate - Information Security Analyst

Additional Information:

We occasionally close vacancies early in the event that we receive a high volume of applications. Therefore we recommend you apply as soon as possible.

The application form consists of a CV upload, an online test followed by application questions. Please ensure you refresh the page each time you complete a task to ensure you complete everything that you need to in time.

We have a number of different ways to work flexibly so at your interview feel free to talk about what flexibility means to you. There are no guarantees, however, it may open the door to not only a new role but a new way of working.


Duties and Responsibilities


We positively celebrate Diversity & Inclusion in the John Lewis Partnership. Our aim is to become the UK’s most inclusive business - for our Partners and for our customers, reflecting and connecting with the diverse communities that we serve. We want people from all walks of life to feel valued for their individuality, thrive in our business and share a sense of belonging. To find out more about D&I in the John Lewis Partnership visit this site.

Attachment: R-71350 Cyber Security Analyst, SOC Incident Triage Job Outline.pdf 

