Senior Security & Automation Analyst en Talktalk

We are PXC, the UK’s largest provider of wholesale connectivity. Our vision is to be the UK’s #1 wholesale platform, a one-stop shop provider of connectivity, voice, cloud and security underpinned by the UK’s most robust, secure, resilient and reliable network.

Born from the combination of Virtual1 and TalkTalk’s wholesale services and national network business, we operate across our 3 core sites (Salford, London and Skopje, North Macedonia).

Our mission is clear, to be the UK’s best company to work for and best to work with. We believe this success is driven by the power of our employees. We empower our people to become true experts in their field who embody our values every day: we care; we challenge; we commit.
 

About The Team

The Cybersecurity incident response team is part of the Security team within the wider Network, Security & Cloud infrastructure team. The CIRT team identifies and responds to security threats affecting PXC and partner environments, though interaction with disparate sources, including cyber threat sensors and threat intelligence data. We implement containment, eradication, recovery, forensic and post incident measures commensurate with the threat to business operations, whilst coordinating and escalating to business partners as appropriate.

About The Role

Cyber security is a real and growing threat to all businesses. Maintaining an effective security capability is critical for PXC and its customers. 
The Senior Security & Automation Analyst is an integral role within the CIRT team and is focused on supporting PXC’s business strategy and desired Secure and Reliable posture through: 

• Focus on and improve quality and standards across the Technical Ops teams, whilst providing support for complex and major incidents.

• Development and support of the TSOC team capability through quality mentoring and knowledge transfer/upskilling.

• Working as part of the Automation & Orchestration team to ensure that the 24x7 TSOC are handling high quality data and events

• Identification, development and implementation of key technology and process advancements, including onboarding of new technologies, to mature the TSOC aligned to PXC Strategic priorities.
   

What do I need to be successful in this role?
 

• Solid understanding of Cyber Security Principles.

• Experience within SOC Environment and performing key Detect & Respond activities including Security incident management, Threat Hunting

• Experience of Automation and Orchestration including Scripting and API coding

• Experience working with multiple stakeholders and ability to influence senior management

• Performing 3rd line escalation support and strong Mentoring skills
  
  
  Primary Responsibilities

  • Act as an SME and Escalation point for TSOC colleagues, mentoring junior colleagues in Incident Response practices, and best practice usage of technical operations tooling and processes in line with department and company policies

  • Lead collaboration activities between TSOC and CIRT team colleagues to ensure that CSI (particularly Automation) opportunities are identified and prioritised for development.

  • Support incident management to ensure that high priority security incidents and threat intel reported threat cases are investigated effectively

  • Drive development of new and existing automation and integration capabilities to improve current TSOC tooling to deliver improved process efficiency, alert quality and cost benefits

  • Ensure Event Monitoring and Case Management platforms and processes are managed efficiently, kept up to date and are delivering high quality alerting and data enrichment capabilities to TSOC colleagues.

  • Support growth of the Detect and Respond capability and the services provided aligned to the wider Tech & Security Operations strategy

  • Support the wider Knowledge, Process and Automation workstreams as and where needed, based on Operational experience and expertise to drive Operational Effectiveness for the business.

Desirable:

• Google SecOps knowledge and experience with other SOAR/SIEM platforms

• Networking experience (Routing, DNS, Proxy, Firewall, Cloud infrastructure)

• SME level Linux and Windows Operating Systems Knowledge

• Scripting language knowledge (eg. bash, python)

How we look after our employees

• Our brand new “PXC Flex” benefit launched in January 2025, which includes Flex30, an additional 30 hours* of leave every year for you to use how you wish

• Our hybrid working policy offers you flexibility to work from home 40% of the time, with the other 60% connecting with your colleagues in one of our accessible and collaborative office spaces

• A starting holiday allowance of 25 days* holiday and up to 10 extra days* leave via our holiday purchase scheme

• Free private healthcare for all employees, competitive pension scheme and the opportunity to earn bonus

• Free broadband for all employees plus gifts for major life events such as marriages and births

• Flexible salary sacrifice scheme including dental, gym and much more, plus a huge range of shopping and leisure discounts so you can save even more cash

• A range of inclusive employee networks to help integrate employees into life at PXC

(* Days and hours are based on a full-time employee’s working pattern and leave is pro-rated for part-time employee)

At PXC, we know that diversity means success and innovation. We want our workplace to reflect the communities and customer we serve. Being inclusive is part of our DNA; we are all 100% human, and we create a culture where you can truly be yourself.

We’re also not your usual 9-5. We are a dynamic workplace and we want to talk to you about how you like to work.