About The Role
- Job Title: Cyber Operator (#CyberSecurity #CyberDefence #SOC #Investigation #IncidentResponse #Automation #ThreatIntelligence)
- Location: UK (Remote, SC Cleared)
- Salary: Up to £60,000 GBP
- Reports To: Head of SOC & IR
- Type: Full-time, Permanent
- Operating Model: 4-on-4-off, 12hr Shifts
CybaVerse operates a lean, automation-driven security operations function built on our CybaOps platform. We do not run a traditional tiered SOC. There is no conveyor belt of copy-paste alerts, no rigid escalation chain, and no ceiling on what you can get involved in.
As a Cyber Operator, you will work directly within the operations function, handling real investigations, contributing to detection improvement, and getting hands-on with the tooling that powers the service. You will be expected to think, not just triage. When you spot something that should be automated or improved, you will have the space to say so and help fix it.
This role suits someone who has a solid grounding in security operations, is hungry to develop beyond alert handling, and wants to work in an environment where quality of thinking matters more than time-on-console.
**We are not looking for someone to sit in a queue. We are looking for someone who wants to understand what they are seeing, improve how we see it, and get better every day.**
What You Will Be Doing
- Actively contributing to the improvements of our customers security posture and improving the CybaOps platform.
- Conducting structured, threat-led investigations across endpoint, network, cloud, and identity environments using the CybaOps platform. You will build timelines, identify root causes, and produce clear, actionable findings for our customers.
- Leading and supporting Incident Response activities, including containment, eradication and post-incident documentation and review.
- Working with actionable Threat Intelligence to enhance response and identify emerging attacker Tactics, Techniques and Procedures (TTPs).
- Documenting and communicating findings to a very high standard for both internal records and customer facing engagements.
- Collaborating with the Head of SOC & IR and wider team to improve processes, runbooks, and automation workflows.
What We Are Looking For
Essential - Deep passion for Cyber Security, and all things Cyber Defence.
- Automation-led mindset: anything that can be automated should be automated.
- Customer improvement-led mindset: ensuring that customer success is at the heart of your decision making.
- Genuine curiosity about how things work, and why attackers succeed.
- Strong English written and verbal communication skills, needing to be able to communicate technical findings to non-technical stakeholders.
Desirable
- Experience within a multi-platform, vendor agnostic environment.
- Exposure to SOAR tooling or any scripting/automation for operational tasks (Python, PowerShell).
- Experience leading Incident Response activities.
- Familiarity with cloud environments: Azure, AWS, or GCP log sources and common misconfigurations.
- Experience with network traffic analysis or IDS/IPS incident investigation.
- Relevant Certifications - useful context, but not at all a barrier.
How We Work
The team is small and the work is varied. You will not spend years in a defined lane before being allowed to do anything interesting. From early on you will be handling real investigations, contributing to how we improve, and working alongside senior practitioners who will invest time in your development.
We use automation to handle the repetitive so that the team can focus on the work that requires judgement. If you have ideas about how to do something better, we want to hear them.
What You Will Not Find Here
- A rigid tier-1 alert queue with no room for independent thinking.
- A siloed role with a narrow remit and no path to grow.
- A culture where junior team members are seen and not heard.
What You Will Find Here
- Real investigations from day one, not filtered-down leftovers.
- A team that values quality of thinking over volume of tickets closed.
- Genuine support for your development and clear progression into more senior work.
- A company in active growth with interesting clients and a product that is actively evolving.
Please visit https://www.cybaverse.co.uk/ for more information
