Senior SOC Analyst

We are working with a leading UK IT solutions and managed services provider that supports organisations across the country with digital transformation initiatives. Their services span cloud, hybrid infrastructure, AI, cybersecurity, and collaboration technologies, helping businesses modernise their IT environments while maintaining robust security and compliance.

With continued investment in their cybersecurity division, they are expanding their Security Operations team and are looking for an experienced Senior SOC Analyst to play a key role in strengthening detection capabilities and leading high severity incident response activity.

As a Senior SOC Analyst, you’ll be at the forefront of incident response, guiding clients through critical security events, enhancing detection capabilities, and mentoring junior analysts. You’ll cover the full spectrum of SOC responsibilities, including threat hunting, malware analysis, and continuous improvement of SOC processes and tools.

• Incident Response & Forensics:
  Lead complex security incidents from detection to remediation, coordinate containment, analyse attacker activity, and support client decision-making during high-severity events.
• Threat Hunting & Detection Engineering:
  Proactively hunt for threats using advanced KQL analytics, tune SIEM/EDR detections, and develop signatures aligned with MITRE ATT&CK.
• Malware Analysis & Reverse Engineering:
  Perform malware triage and behavioural analysis, using reverse-engineering tools when required.
• Client Reporting & Communication:
  Produce clear, high-quality investigation reports, timelines, and intelligence summaries for both technical and non-technical audiences.
• SOC Leadership & Continuous Improvement:
  Contribute to SOC playbooks, mentor junior analysts, support onboarding of new clients, and enhance processes and tooling.
• On-Call Support:
  Participate in the 24×7 on-call rota to provide expert support during critical incidents.

• Strong background in SOC operations, digital forensics, incident response or threat detection.
• Experience leading complex security investigations and responding to high severity incidents.
• Advanced experience working with SIEM platforms, ideally Microsoft Sentinel and Defender XDR.
• Strong KQL knowledge for threat hunting and detection development.
• Experience using scripting languages such as Python or Power Shell for automation.
• Familiarity with digital forensics and investigation tools such as Velociraptor, KAPE or sandbox environments.
• Excellent written and verbal communication skills with the ability to present technical findings clearly.
• Comfortable mentoring junior team members and contributing to team development.

• Fully remote working across the UK.
• Competitive salary with additional benefits depending on experience.
• Opportunity to work within a mature and well supported Security Operations environment.
• Ongoing professional development and training opportunities.
• Exposure to a wide range of client environments and security challenges.
• Supportive culture with a strong focus on collaboration and continuous improvement.