Senior CSIRT Analyst


Warwick, WAR, GB, CV34 6DA

Division:  Global Cyber Security Operations
Job Type: 
Requisition Number:  6554
Job Category:  IT
Job Function:  Information Services
About the role

As the CSIRT Senior Analyst you will provide technical support to the National Grid Global Cyber Security Operations Center for security detection and mitigation activities. Primary duties will include leveraging advanced expertise with security tools to lead CSIRT Analysts in the investigation of cyber threats; effectively engaging CSIRT Analysts, Incident Managers, Forensics and other stakeholders to efficiently mitigate cyber incidents; and providing technical mentoring and direction for team members to enhance the response capabilities of the organization.


In this hands-on role, the post holder will provide insight into National Grid’s security infrastructure and technologies while helping to design and implement detection and mitigation controls and detection capability for the CSIRT team.


Your role will also serve as a technical liaison to engineering and tool support groups by providing tuning requests, following up on problems and managing enhancement requests. You will provide technical leadership and support to the CSIRT analysts, effectively engage other response services teams and management to better mitigate cyber threats, and develop and leverage advanced tool skills to increase detection and response capabilities.

About you

Now that you know about the role, here is what we want from you to be successful in securing this position:


  • Extensive work experience in Cyber Security, specifically monitoring, detection and incident response duties.
  • Strong experience with operating security monitoring platforms (SIEM) alongside the creation, tuning and management of the associated rulesets.
  • Demonstrated ability to coordinate and respond to security incidents using commercial and/or open source technologies.
  • Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs)
  • Comprehension of how attacks exploit operating systems and protocols
  • Experience performing malware analysis and the associated principles.
  • Solid understanding of networking protocols and infrastructure designs; including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network devices
  • Hands-on experience with security technologies.
  • Experience in forensic analysis and the associated principles.
  • Ability to summarize events/incidents effectively to different constituencies such as legal counsel, executive management and technical staff, both in written and verbal forms.
  • Host Based Investigations – Log File and Memory Investigations
  • Email Investigations – Including Header Analysis, Office Doc Investigations and Macro Extraction
  • Experience with penetration testing and the associated principles
  • Strong understanding of TCP/IP and underlying network protocols
About us

National Grid touches the lives of almost everyone in the UK, with an energy network that stretches across the Atlantic. We’re an international team, and our work underpins the lives of millions of people. Feet forwards, head up, and eyes bright, we’re working hard to create value for people today – and shape the future of energy tomorrow.


In the UK, we don’t generate or sell energy – we join the dots to get energy from A to B. From making a cup of tea in the morning, to keeping the lights on in hospitals, our electricity network puts power in the hands of people. Without it, the world as we know it would grind to a halt.


The world of energy is changing beyond recognition. Working at National Grid, you won’t just be touching the lives of almost everyone in the UK – you’ll be shaping the way we use and consume energy for generations to come.


Technical qualifications should include but are not limited to:

  • First degree in a computer related discipline or equivalent experience
  • At least two of the following certifications or equivalent experience: SANS certified Forensic Analyst (GCFA), Reverse Engineering Malware (GREM), Cyber Threat Intelligence (CTI), SANS certified Incident Handler (GCIH), SANS certified Intrusion Analyst (GCIA) or equivalent.
What you'll get

A competitive salary between £43,100 and £54,599 – dependent on capability

As well as your base salary, you will receive a bonus based on personal and company performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.

More Information


The closing date for this vacancy is 27th August. However, we encourage candidates to submit their applications as early as possible and not to wait until the published closing date. National Grid’s recruitment periods can and may vary. We reserve the right to remove this advert or close it to further applications at any point during the recruitment process.
