Share this Job
Apply now »
Employment Type:  Full Time
Employment Period:  Permanent
Salary:  Competitive plus excellent benefits

Gloucester, GB

Career Area:  Finance, Trading & Risk

Security Analyst

The Opportunity


#WeAreEDF and are leading the transition to a cleaner, low emission electric future, tackling climate change and helping Britain achieve net zero.  

Here at EDF UK our aim is to be the leading electricity company and global leader for low-carbon energy production.  EDF UK is the UK’s largest producer of low-carbon electricity, meeting around one-fifth of the country’s demand and supplies millions of customers and businesses with electricity and gas. 

We provide gas and electricity to 6 million residential customers and are the largest supplier to British businesses. We offers innovative energy systems for commercial customers and digital innovation for customers at home. EDF UK has also launched its own innovation accelerator, Blue Lab, which focuses on making customers’ lives easier.

To summarise we are the UK’s largest producer of low carbon electricity, the biggest supplier of electricity by volume in Great Britain and the largest supplier to British businesses.

Day to Day: 


  • Being responsible for the analysis, operations and maintenance of systems security.
  • Assessing systems and networks and identifying where those systems/networks deviate from acceptable configurations.
  • Using data collected from a variety of cyber defence tools (e.g., IDS alerts, firewalls, network traffic logs) to analyse events that occur within their environments for the purposes of mitigating threats.
  • Investigating, analysing and responding to cyber incidents.
  • Apply security policies to meet security objectives of the system.
  • Verify minimum security requirements are in place for all applications.
  • Work with stakeholders to resolve computer security incidents and vulnerability compliance.
  • Use cyber defence tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Monitor external data sources (e.g., cyber defence vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defence threat condition and determine which security issues may have an impact on the enterprise.
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
  • Perform cyber defence incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
  • Perform real-time cyber defence incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support Incident Response Teams (IRTs).
  • Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.
  • Track and document cyber defence incidents from initial detection through to final resolution.
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Perform cyber defence trend analysis and reporting.
  • Maintain knowledge of applicable cyber defence policies, regulations, and compliance documents.

The Person


What does being a great Security Analyst mean?


  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • Ability to analyse malware.
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute). 
  • Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture. 
  • Ability to design incident response for cloud service models.
  • Ability to function effectively in a dynamic, fast-paced environment. Ability to effectively teams collaborate via virtual.

The Skills


The role will form part of, our Enterprise IT Function, operating within a federated IT Operating Model, which consists of Enterprise IT (EIT) and Business Unit IT delivery portfolios, EIT owns, secures, maintains and supports a portfolio of Enterprise IT services and provides functional leadership and support to the Business Units.  EIT aims to deliver the Enterprise IT services portfolio to the right quality and best value for EDF UK and its stakeholders.
The Enterprise IT operating environment is complex, meaning our stakeholders’ needs are constantly shifting and evolving, in several dimensions

You will need to have:

  • Awareness of the technology and best practice pertinent to their domain, and interest in maintaining that awareness
  • Proven ability to collaborate and communicate with both IT and business-facing colleagues
  • Experience of security operations and incident management in large complex business environments
  • Experience of working with third parties such as solutions vendors, outsourced and research partners
  • Experience of working with IT security operations, compliance, risk and governance practices
  • It is a requirement of this role that the post holder either holds or can obtain and maintain Security Check (SC) clearance.
  • Ability to work discreetly and confidentially with robust outlook on life
  • Computer networking concepts and protocols, and network security methodologies
  • Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
  • Cyber threats and vulnerabilities
  • Operational impacts of cybersecurity lapses
  • Vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)
  • Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
  • Information Technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
  • Service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library [ITIL])
  • Cyber defence and vulnerability assessment tools and their capabilities
  • New and emerging information technology (IT) and cybersecurity technologies
  • Network tools (e.g., ping, traceroute, nslookup)
  • Incident response and handling methodologies
  • Security operations and incident response in cloud service models

It would be great if you had:


  • An appreciation of key utility industry concepts
  • Experience of working in regulatory environments
  • SAFe (Scale Agile Framework) qualified or aware
  • AWS and Microsoft Azure qualified or aware

Competetive Salary & Benefits


We offer a competitive salary and benefits package, including a pension scheme, a wide range of flexible benefits to suit your lifestyle, and the opportunity to earn a bonus.  


Please let us know if you require flexible working arrangements by highlighting this on your application.  We’re happy to talk flex in line with the requirements of this opportunity

Why EDF?


At EDF, everyone’s welcome. It’s a powerful statement of our intent to make sure we’re about the people who work with us – a rich and unique mix of backgrounds and experiences that’s vital to shaping a strong and fresh-thinking organisation like ours. Whoever you are and wherever you come from, we’ll embrace the difference you bring and give you opportunities to thrive and succeed.


Join us. Together, we’ll help Britain achieve net zero.

Job Segment: Risk Management, Finance

Apply now »