Role Purpose The Senior SOC Analyst is responsible for managing and maintaining the security operations centre’s day-to-day activities, including mentoring, supervising and developing SOC staff, developing and implementing security protocols, and ensuring the detection, analysis, response and resolution of security incidents. The role requires leadership in incident response, detection engineering, threat intelligence, and vulnerability management, while collaborating with other teams across the business to ensure enterprise-wide security measures are effective How to Apply By clicking the APPLY button you will be directed to our recruitment pages, please spend the next few minutes completing the final application steps and uploading your CV, so we can consider your interest in the role in full. Role Responsibilities Key responsibilities for this role may include: Leadership and Team Management: Lead and manage a team of SOC analysts and security engineers, ensuring operational excellence and maintaining high levels of motivation. Create and maintain shift schedules for the SOC team to ensure continuous coverage. Develop and implement training programs to enhance the team’s skill set and knowledge in cybersecurity best practices. Conduct performance evaluations, mentoring, and career development for SOC staff. Incident Management: Lead the incident response process, ensuring that security incidents are properly identified, triaged, investigated, and resolved. Develop and refine incident response procedures, playbooks, and escalation protocols. Coordinate with internal stakeholders (e.g., Service Desk, Security Assurance, Customer Success Managers) to respond to security incidents. Ensure that all incidents are properly documented and that lessons learned are integrated into security processes. Threat Hunting and Intelligence Conduct and support proactive threat hunting based on current and emerging threats across multiple SIEM platforms. Integrate threat intelligence into SOC operations. Contributing to threat intelligence sharing within the organisation and with external partners. Threat Monitoring and Detection: Oversee real-time security monitoring activities to detect potential security threats or vulnerabilities. Ensure the proper configuration and use of security tools, such as SIEM (Security Information and Event Management) systems, intrusion detection systems (IDS), and firewalls. Collaborate with other security and IT teams to identify and mitigate risks proactively. Detection engineering – creation, tuning and optimisation of SIEM rules to effectively detect current and emerging threats. Performing or supporting in-depth forensic analysis on potentially compromised systems. Strategic Planning and Process Improvement: Develop SOC strategies, policies, and procedures to improve overall security operations and incident response capabilities. Ensure continuous improvement of SOC operations through regular assessments, audits, and performance reviews. Stay current on the latest cybersecurity trends, threats, and technology developments to inform security strategy and improvements. Manage relationships with external partners, vendors, and customers. Compliance and Reporting: Ensure compliance with industry standards, regulations, and internal security policies. Prepare regular reports and metrics for senior management and Service Review boards on SOC operations, incidents, and overall security posture. Ensure that logs, reports, and evidence are maintained in a way that supports regulatory and legal requirements. Budget and Resource allocation: Develop and manage the SOC budget, ensuring efficient use of resources and optimal toolset performance. Recommend investments in security technologies and upgrades based on risk assessments and identified gaps. Education and Experience Requirements As the Job Title, you will have: Experience: 5 years of experience in cybersecurity, with at least 2-3 years in a SOC or incident response environment. Proven experience leading security teams in a SOC or similar environment. Strong background in security monitoring tools, incident detection, and response protocols. Education: Bachelor’s degree in Computer Science, Information Security, or a related field or equivalent experience. Certifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, GCIA, GCIH, or others are highly desirable. Technical Skills: Proficiency in using security tools and technologies (SIEM, IDS/IPS, EDR, firewalls, etc.). Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, MITRE ATT&CK). Understanding of network protocols, malware analysis, threat intelligence, and vulnerability management. Familiarity with scripting and automation for security operations. How to Apply By clicking the APPLY button you will be directed to our recruitment pages, please spend the next few minutes completing the final application steps and uploading your CV, so we can consider your interest in the role in full.