Principal Cyber Operations Engineer - NESO

About the Role

National Energy System Operators (NESO) strength lies in our people. Together were shaping the future where clean affordable energy is accessible for all. Every day is an opportunity to make a real difference accelerating the progress of sustainable GB energy keeping people connected and society thriving as we create a brighter tomorrow.

As a Principal Cyber Security Operations Engineer you will be responsible for building and deploying innovative cyber technologies across the NESO estate serving as the foundation of NESOs Cyber Security Operations (CSO) capability.

You will take on a mentorship role providing advice and guidance to other members of the Cyber Operations Engineering team.

This position requires a deep expertise in cyber security and will focus on the centralisation of forensic telemetry from across the various critical systems which balance the UK energy system.

You will provide guidance to the wider Cyber Operations Engineering function assist in the identification of new disruptive technologies spearhead process improvements and technological enhancements collaborate with stakeholders throughout the business and ensure the creation of a cohesive function.

If you build and experiment in your spare time and enjoy telling people about your homelab setup this is the team for you!

This role can be based from Wokingham or Warwick and we continue to offer hybrid working from office and home. We are open to full time and part time applicants as well as flexible working arrangements.

Key Accountabilities

• Build and deploy innovative technical solutions to advance the security capability of the Cyber Security Operations function.
• Manage and oversee the configuration of various security tools to enable key stakeholders such as CSOC and Threat Hunting and Detection Engineering (THaDE).
• Collaborate with application administrators across the business to onboard data sources into the SIEM data lake.
• Optimise forensic telemetry collection mechanisms to ensure accurate and efficient parsing and ingestion to the SIEM.
• Build resilient forensic telemetry collection technologies to support 24/7/365 monitoring of NESO and its control systems by CSO.
• Spearhead process improvement and curate update and develop an internal cyber engineering knowledgebase (bonus points if youre already skilled in Mermaid or Markdown!)
• Provide mentorship and guidance to other members of the Engineering team. There are also opportunities for line management within this role.
• Weigh in on tough technical decisions where competing interests or solutions require consideration.
• Identify and highlight potential avenues for increasing efficiency of delivery and process within the Engineering team.
• Provide technical guidance and support to other team members as needed.
• Suggest and recommend updates to operational procedures and flows to optimise the onboarding of data sources and ensure the widest security visibility across NESO.

About You

Were forging the path and we know we cant do it alone. Thats why we need visionary minds like yours to join us on this transformative this case were looking for someone who:

• Has a proven ability to lead on technical implementation and decision making within an Engineering or Security context.
• Is passionate about security and building secure infrastructure and secure foundations.
• Is curious. We often deal with bespoke or less common data sources at NESO and a willingness and enthusiasm to take on the challenge of making sense of these data sources is a must.
• Has strong analytical and problem-solving skills and ability to handle complex and dynamic situations.
• Has a keen awareness of current and emerging cyber threats trends and best practices.
• Has proven experience working with SIEM platforms and related tooling.
• Has a strong understanding of SIEM concepts and best practices.
• Is familiar with SIEM telemetry onboarding processes and techniques.
• Is experienced in of treating cyber operations engineering with a Software Development Lifecycle mindset (Using tooling such as Git forges CI/CD pipelines Infrastructure as Code Detection as Code etc).
• Is knowledgeable about various data source formats and protocols (e.g. syslog JSON REST API).
• Is comfortable with scripting or programming languages (Python Bash PowerShell etc).
• Has experience in troubleshooting and resolving data quality or ingestion issues.
• Has previously worked closely with security tooling such as EDR Deception Tech Malware Sandboxes Vulnerability Management Tooling etc.
• Is familiar with security incident response and investigation processes.
• Has excellent problem-solving and analytical skills.
• Has strong communication and collaboration abilities.
• May have relevant certifications (e.g. GIAC) but this is not required.

About What Youll Get

A competitive salary between 70000 - 78000pa dependent on experience and capability.

As well as your base salary you will receive a bonus of up to 15% of your salary for stretch performance 28 days annual leave as standard and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.

As we work towards creating a cleaner greener and more affordable future for all we also work towards creating a place for our teammates to belong with professional and personal growth and positive well-being.

• Full support and career-development resources to expand your skills enhance your expertise and maximise your potential along your career journey.
• A diverse and inclusive community of belonging where teammates are empowered to bring ideas to the table.
• Generous Total Rewards Plan comprising of health finance and wealth work/life balance and career benefits.

About Us

National Energy System Operators (NESO) mission is to facilitate the decarbonisation of Great Britains energy network and ensure the delivery of reliable affordable and clean electricity for consumers. We work with stakeholders across the whole energy industry to plan for future network needs using a wider adoption of technology and changes in consumer behaviour as well as ensuring we have the right markets networks and frameworks in place to transform the way we operate tomorrow.

Join us and lets energise progress.

Our energy our future together.

About The National Energy System Operator (NESO)

In Autumn of 2024 the ESO transitioned to National Energy System Operator or NESO for short. Previously denoted as the Future System Operator (or FSO) the new National Energy System Operator is the independent body responsible for planning Great Britains electricity and gas networks and operating the electricity system.

The ESO including all of its existing roles are now at the heart of the new National Energy System Operator. As NESO we will build on our existing roles capabilities and ways of working significantly to create an organisation the energy system and its users need. Our new capabilities will enable us to look across vectors including electricity natural gas and hydrogen and crucially consider the trade-offs between them.

The organisation is set up as a public corporation with its own Board of independent directors with complete operational independence from government the regulator and any and all commercial interest. As was the ESO NESO will be licenced and regulated by Ofgem through price control agreements and obligated to identify optimal solutions to system operations and planning in the most sustainable affordable and secure way for all.

More Information

This role closes on 13th August 2025 at 23:59 however we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary.

We work towards the highest standards in everything we do including how we support value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation and welcome and encourage applicants with diverse experiences and backgrounds and offer flexible and tailored support at home and in the office.

Were committed to building a workforce that represents the communities we serve and a working environment in which each individual feels valued respected fairly treated and able to reach their full potential.

#LI-BO1

#LI-HYBRID