SOC Lead

Hello, we're Utility Warehouse

At Utility Warehouse, we help people get on with their lives.

We’re constantly looking for ways for more people to spend their time how they want to.

And we’re bringing together a nation of self-starters to build a different type of utility company.

Where partners can run their own business and reach the goals that matter to them.

For customers, we offer permanent peace of mind. One bill, great value and no need to ever switch again.

And for our people, clear opportunities to help them achieve both their professional and their personal ambitions.


A bit more about us

You probably won't have heard much about us, but we're one of the UK's biggest, home-grown success stories of the last 20 years.

We're now a FTSE 250 business and knocking on the door of £1 billion in annual revenue. But in two decades of phenomenal change and growth as a business, there are two things that have remained constant:

  • We bundle together all our customers' household utilities and send them a single monthly bill
  • We don't sell directly to customers - we have 40,000 distributors around the country who sell those utilities on our behalf

And we know we’re onto something - we were the Which? ‘Utilities Brand of the Year’ in 2018 - but we’re only just getting started.

We’re looking for someone to lead our Security Incident Analysis

The security incident lead will play a key role in building out the security incident response capabilities of our SNOC team. Focusing on security incident management, this role will be responsible for growing our ability to respond and scale across our business units including telecommunications, energy and financial services.

The ideal candidate will have experience in a SOC or SNOC, with a solid technical background in information security or IT and infrastructure operations. While some processes and systems are currently in place, this role will drive improvements in our technology, processes and overall ability to respond to security incidents.

Required:
  • An active interest in information security
  • Security incident response and triage
  • Awareness of digital forensics practices and procedures in an enterprise environment
  • Working knowledge of response management systems (e.g. OTRS, ServiceNow IR, Hive)
  • Working knowledge of SOC team & IR practices and processes
  • Working knowledge of both on-premise and cloud infrastructure (including AWS and GCP)
  • Ability to script and automate (Python, Bash, PowerShell… we don’t mind)
  • Willingness to share knowledge and mentor colleagues

Nice to have:
  • Experience with SIEM tuning and more advanced security event & log management
  • Some software development experience
  • Exposure to mixed-environment Windows, Linux and macOS endpoints; interest in and exposure to containers (Docker) and container orchestration (Kubernetes) would be a significant advantage
