-SOC Analyst (Tier 2)-Glasgow-£40,000 - £48,000 per annum-ASAP Start Our market-leading global client requires a SOC Analyst (Tier 2) with a breadth of experience across Cyber Security to join the team, throughout an exciting period of Change & Innovation. The role will be working with a global IT & Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organisation. The role is crucial in the investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. Candidates will be required to have active SC, moving to DV clearance and must have at least 6 months working experience in SIEM technologies. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat vectors Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes Co-ordinate with Tier 3 Analysts and management to refine detection and response workflows Collaborate with Tier 3 Analysts on tuning SIEM and detection tools to reduce false positives and improve alert fidelity Identify gaps in current detection content and work with Senior Analysts to develop and validate new detection rules Act as a mentor to Tier 1 Analysts and facilitating on-the-job training to elevate their technical skills and operational efficiency Assist in training sessions and knowledge-sharing activities, providing feedback on areas for growth and contributing to a supportive learning environment within the SOC. Knowledge and Skills: Understands advanced networking concepts, including IP addressing and basic network protocols Advanced knowledge of Windows and Linux operating environments Competence in using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate clearly and efficiently with team members and stakeholders Can communicate simple technical issues to non-technical individuals in a clear and understandable way. Able to create concise, structured reports Able to function efficiently during high-pressure situations The above is not exhaustive. To discuss this opportunity in more detail, please forward your CV to