SOC Analyst (Tier 2)
Glasgow
£40,000 - £48,000 per annum
ASAP start
Our market-leading global client requires a SOC Analyst (Tier 2) with a breadth of experience across cyber security to join the team during a period of change and innovation. The role sits within a global IT and consultancy company, based in Glasgow, working across multiple workstreams of varying complexity and scale.
This is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organisation.
The role is central to the investigation, triage and response to cyber incidents, while also supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst will work closely with senior and junior analysts to ensure seamless SOC operation and will act as the bridge between foundational and advanced threat detection and response functions.
This is a full-time, on-site role covering a 24x7 shift pattern, which carries a shift allowance. Candidates must hold active SC clearance and be willing to progress to DV clearance, and must have at least six months' working experience with SIEM technologies.
Responsibilities:
* Conduct escalated triage and analysis on security events identified by Tier 1 Analysts
* Apply expertise in SIEM solutions utilising Kusto Query Language (KQL)
* Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action
* Monitor the threat landscape and document findings on evolving threat vectors
* Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes
* Co-ordinate with Tier 3 Analysts and management to refine detection and response workflows
* Collaborate with Tier 3 Analysts on tuning SIEM and detection tools to reduce false positives and improve alert fidelity
* Identify gaps in current detection content and work with Senior Analysts to develop and validate new detection rules
* Act as a mentor to Tier 1 Analysts and facilitate on-the-job training to elevate their technical skills and operational efficiency
* Assist in training sessions and knowledge-sharing activities, providing feedback on areas for growth and contributing to a supportive learning environment within the SOC
Knowledge and Skills:
* Solid understanding of networking concepts, including IP addressing and the common network protocols
* Advanced knowledge of Windows and Linux operating environments
* Competent in using SIEM solutions (e.g. ArcSight, Azure Sentinel, now Microsoft Sentinel) for monitoring and log analysis
* Proficient in Kusto Query Language (KQL) for searching and filtering logs effectively
* Familiar with open-source intelligence (OSINT) techniques for identifying potential threats and gathering supporting information
* Able to communicate clearly and efficiently with team members and stakeholders
* Able to explain straightforward technical issues to non-technical individuals in a clear and understandable way
* Able to produce concise, well-structured reports
* Able to work effectively under pressure
The above is not exhaustive. To discuss this opportunity in more detail, please forward your CV to (see below)