Cyber Operations

Leonardo UK's cyber security operational teams run our fully managed service for our customers, consisting of protective monitoring, incident response, device management and our service desk.

Protective Monitoring – The protective monitoring team is responsible for providing a thorough initial investigation into anomalous network activity that may lead to potential security incidents. They cover our 24/7/365 protective monitoring, alerting and incident handling services, acting as the initial analytical reference point for identifying and then quantifying the nature and extent of a security incident, and offer initial professional advice relating to possible business impact.

Service Desk – As part of the cyber operations team, our service desk team maintains the 24/7 service desk capability, providing 1st Line support to our customers. This extends to supporting the full ITIL process flow, which includes an extensive range of services and stakeholders, in a fast-paced challenging environment. They provide customer support, service and technical support through analysis and incident resolution.

Incident Response – Our incident response services cover the entire threat spectrum, from initial incident and the provision of threat intelligence, through to forensic services and advanced malware analysis to establish the nature of the attack and its origin. A typical day includes managing the response to cyber security incidents raised by customers and internal security monitoring teams, and getting hands-on when required to provide subject matter expertise for incident investigation and response activities.

Device Management – Our device management team is responsible for the day-to-day management of the Security Operations Centre (SOC) networks and security devices, keeping them operational so that analysts can conduct protective monitoring and incident response in line with SLAs for the SOC’s clients. They are our go-to Security Information and Event Management (SIEM) experts, supporting all our security devices and assisting in the build, integration, deployment and acceptance testing for our customers.

Skills we look for:

  • Windows and Linux Server architectures
  • Experience of working within technically complex environments or on a project with multiple participants
  • Malware analysis
  • Incident Response
  • Network security and operations
  • SIEM experts
  • Experience in cyber security including protective monitoring and incident response, e.g. GIAC GMON, GCIA, GCIH or equivalent experience

Types of roles we recruit for at all levels:

  • Cyber Security Analyst
  • Cyber Incident Response Analyst
  • Service Desk (Analyst, Manager)
  • Device Manager
  • Service Desk Analyst
  • Service Delivery Manager
  • Service Desk Manager

See the latest list of cyber security jobs we are recruiting for