We are seeking an experienced Level 2 SOC Analyst to enhance our Security Operations Center (SOC) team. If you're passionate about real-time threat monitoring, in-depth analysis, and staying ahead of emerging cyber threats, we want to hear from you!
As a Level 2 SOC Analyst, you will be responsible for real-time threat analysis and monitoring, responding to alerts, and leading the detection, triage, handling, and in-depth analysis of security events. You will work closely with our Managed Security Service Provider (MSSP) and internal teams to ensure the integrity of our security systems.
As part of this role, you’ll:
* Lead investigations and ensure actions are taken following the receipt of alerts, with detailed, high-quality updates logged in tickets.
* Assist the team in maintaining an up-to-date knowledge base, including the creation of response playbooks.
* Conduct hypothesis-led threat hunting to uncover suspicious activity that might otherwise go undetected.
* Stay current on the latest cybersecurity issues and tactics, techniques, and procedures (TTPs) of threat actors.
* Support purple-team activities, including testing and improving defensive measures.
* Monitor for newly identified vulnerabilities and assess whether they affect systems. Provide recommendations for compensating controls or mitigations where necessary.
What you’ll need to do the role:
* Previous experience in a SOC environment.
* Working knowledge of security solutions such as SIEM, syslog, EDR, IDS/IPS, and Azure Security Centre.
* Experience in incident response, including containment, eradication, and recovery.
* Strong background in cyber threat hunting.
* Familiarity with common network protocols (e.g., DNS, HTTP(S), TCP, UDP, SSH).
* Experience working with CLIs, including Linux terminal and/or Microsoft PowerShell.
* Relevant cybersecurity qualifications (e.g., CompTIA SEC+, CompTIA CySA+, Blue Team Level 1, or a Cybersecurity degree).
* Knowledge of one or more programming or scripting languages (e.g., Python) is a plus.
* Must be SC cleared or willing to undergo SC clearance.
* Must be willing to be part of an on-call rota and support urgent operational incidents outside of standard office hours when necessary.