Rodeo
ResourcesPartnersSign in

The Guardian

Security Operations Centre Analyst

London
£30k/yr
Posted 1 day ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Security Operations Centre Analyst

Join our team at the Guardian and be a part of a diverse and inclusive global organisation that delivers fearless, investigative journalism, and holds power to account. Our team of award-winning journalists, cutting-edge commercial professionals, and industry-leading digital experts are committed to making a difference and represent a wide range of backgrounds and perspectives. We offer a challenging and exciting environment for career development, with a focus on training, growth, and fostering an inclusive culture.

We are now looking for a Security Operations Centre Analyst to join our Information Security team. The Security Operations Centre (SOC) Analyst will support the detection, investigation, and response to cyber security threats across The Guardian's global digital estate.

Working alongside the Security Operations Team, MSSP, and wider Information Security team, the role will help strengthen operational security capabilities, improve threat visibility, and contribute to the continuous evolution of Guardian security operations.

This role is suited to a security professional who is passionate about threat detection, incident response, and security operations, and who is eager to contribute to building a modern, intelligence-led security capability.

Role Overview:

  • Triage, investigate, and respond to security alerts, events, and incidents, ensuring timely containment, remediation, and closure.
  • Act as the primary operational liaison with the MSSP, validating findings, improving service quality, and ensuring effective security monitoring and incident response.
  • Conduct proactive threat hunting across endpoint, network, identity, and cloud environments to identify suspicious or malicious activity.
  • Develop, tune, and optimise detection rules, SIEM use cases, and correlation logic to improve threat visibility and monitoring effectiveness.
  • Investigate security events across on-premise and cloud environments, including AWS, GCP, and Entra ID.
  • Analyse threat intelligence, emerging threats, and incident trends to assess relevance to The Guardian's threat landscape and identify improvements to detection and response capabilities.
  • Identify gaps in monitoring and detection coverage, recommending and implementing improvements based on threat intelligence, incident learnings, and changes to the technology estate.
  • Support vulnerability prioritisation and remediation by correlating threat activity, exploitability, and business risk.
  • Investigate and respond to Data Loss Prevention (DLP) alerts as part of identifying, containing, and mitigating potential data security incidents.
  • Drive continuous improvement of SOC capabilities through automation, process optimisation, metrics, post-incident reviews, and the enhancement of runbooks, playbooks, and operational procedures.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

About You:

  • Experience working within a Security Operations Centre (SOC), incident response, threat detection, or cyber security operations environment.
  • Experience investigating security alerts and incidents using SIEM, EDR, and other security monitoring technologies. Ability to assess, prioritise, and respond to security incidents based on business risk and operational impact.
  • Strong understanding of modern cyber threats, attack techniques, and adversary behaviours, including familiarity with the MITRE ATT&CK framework.
  • Experience analysing security events across endpoint, network, identity, and cloud environments.
  • Experience working with Managed Security Service Providers (MSSPs) or outsourced security operations functions.
  • Knowledge of threat hunting, threat intelligence, and detection engineering principles.
  • Strong analytical and problem-solving skills, with the ability to interpret complex technical information and identify root causes. Able to analyse data, identify trends, and make informed, evidence-based decisions.
  • Commitment to continuous learning and staying current with emerging threats, technologies, and security best practices.

We actively encourage applications from groups traditionally underrepresented in the UK media.

We operate in a hybrid environment working 3 days a week from our offices in Kings Cross and 2 days a week remotely.

We value and respect all differences (seen and unseen) in all people. We aspire to have inclusive working experiences and an environment that reflects the audience we serve, where our people have equal access to career development opportunities, their voices are heard, and can contribute to our future. We actively encourage applications from people of all backgrounds. Many of our staff work flexibly, and we will consider all requests for flexible working arrangements.

How to Apply:

To apply, please upload your latest CV. We don’t require a cover letter but will ask you a question about information security as part of your application, which should take less than 5 minutes to complete.

We appreciate the time taken to prepare each application we receive. We do not use AI-assisted technology to review applications; every application is reviewed by a member of our recruitment team. Thank you for bearing with us during the screening process.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

The closing date for applications is Friday, 10th July 2026.

All roles at the Guardian are open for everybody to apply. It is important to us that you feel supported and comfortable throughout your recruitment process, in order to perform your best. Please let us know if there are any changes we could make to help your application, this includes providing documents in accessible formats or personalising the process to better support your needs.

Benefits at the Guardian:

  • You'll have 30 days of annual leave per year (plus bank holidays) with the option to purchase an additional 5 days.
  • Our pension scheme is generous; if you contribute 5% then we will contribute 8-12% (depending on your age).
  • We believe in giving back, which is why employees are given 2 volunteering days annually and the option of payroll giving.
  • Season ticket loans are also available.
  • You are entitled to private healthcare, life cover, income protection, and eye tests. You can also opt in to dental insurance.
  • We have enhanced maternity, paternity, adoption, and shared parental leave policies in place. We also support our employees by offering an IVF, menopause, baby loss, and trans equality policy.

Culture and Wellbeing:

We want everyone to feel like they belong at the Guardian and we champion diversity of thought.

Our various employee forums provide a platform to use their voice to foster an inclusive workplace. We became the first major media organisation to achieve B Corp status.

We offer tools to help you prioritise your wellbeing including access to our employee benefits platform which provides tailored support for health and wellbeing. In addition, we also offer free yoga and pilates classes. These run alongside our corporate gym membership and cycle to work scheme.

Our canteen has views overlooking the Regents Canal and caters for breakfast, lunch, and dinner.

Learning and Development:

We encourage personal and professional growth. Employees have access to a broad range of tools and solutions, and we are happy to support the pursuit of professional qualifications through vocational courses and apprenticeships.

We value honesty in your application.

AI-generated content must not be presented as your own work.

Please review our guidance on the use of AI in your application here.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Security Operations Centre
Incident Response
Threat Detection
Cyber Security Operations
SIEM
EDR
Threat Hunting
Threat Intelligence
Detection Engineering
Analytical Skills
Problem-Solving Skills
Data Analysis
Emerging Threats
Cloud Environments
AWS
GCP

Location

London, England, United Kingdom

Sign up to applySee more jobs like this