SOC Analyst

SOC L2 Analyst (Security Operations Centre)

We’re recruiting an experienced SOC L2 Analyst / Tier 2 Security Analyst to join a high-performing Security Operations Centre (SOC) environment, supporting the investigation, response and remediation of complex cyber security incidents.

This is a hands-on role focused on incident response, threat detection and forensic investigation, working with enterprise-scale security tooling and collaborating closely with Tier 1, Tier 3 and wider IT teams.

Key Responsibilities

* Investigate and respond to Tier 2 security incidents, including malware, ransomware, data breaches and APTs

* Analyse alerts using SIEM tools (Splunk) and EDR platforms (Microsoft Defender)

* Perform incident forensics, root cause analysis and impact assessments

* Own escalations from SOC L1 and provide technical guidance and quality assurance

* Support containment, eradication and recovery activities

* Produce clear incident reports and technical documentation

* Contribute to detection improvement, playbooks and post-incident reviews

Required Skills & Experience

* Proven experience as a SOC Analyst L2 / Tier 2 / Incident Response Analyst

* Strong hands-on experience with Splunk or other SIEM platforms

* Experience with EDR / endpoint detection tools (Defender preferred)

* Solid understanding of incident response, threat hunting and security investigations

* Knowledge of Windows, Linux and enterprise environments

* Ability to work under pressure in a SOC environment

Desirable

* Cyber security certifications (GIAC, GCIH, GCIA, GCFA, CISSP)

* Digital forensics or malware analysis experience

This role suits someone who enjoys owning incidents end-to-end rather than monitoring alerts.

Apply now to discuss further