SOC Analyst (L3) - Senior Incident Responder
Location: Glasgow (Hybrid)
Salary: Up to £70,000 (depending on experience) + bonus
NOTE: Candidates for this role must be eligible for UK Security Clearance (SC).
We’re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real expertise in QRadar and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post-incident review.
What you’ll do:
* Act as the L3 escalation point, leading investigations into complex incidents escalated by L1/L2 analysts.
* Use QRadar and other SIEM tools (Splunk, Sentinel) to detect, investigate, and respond to security events.
* Perform detailed forensic analysis, root cause analysis, and malware investigation.
* Lead incident response activities end-to-end, ensuring containment, eradication, and recovery.
* Develop, refine, and own SOC use cases, runbooks, and playbooks to drive continual service improvement.
* Liaise directly with clients, providing clear guidance and recommendations.
* Mentor and support junior SOC analysts, ensuring best practice is followed.
* Keep up to date with the latest threats, vulnerabilities, and attack vectors, integrating threat intel into monitoring.
What we’re looking for:
* Proven L3 SOC experience.
* 3–5+ years’ experience in IT security, ideally within a SOC/NOC environment.
* Strong knowledge and hands-on expertise with QRadar (other SIEM exposure beneficial).
* Solid understanding of DFIR principles, vulnerability management, and ethical hacking.
* Strong grasp of network traffic flows, malware analysis, and reverse engineering.
* Excellent written and verbal communication skills for client interaction and reporting.
* Ability to work independently, lead investigations, and mentor team members.
* Eligible for or holding SC Clearance.
* Relevant certifications (e.g. CISSP, GIAC, SC-200) are highly desirable.
If you’re ready to take ownership at L3 level and bring your QRadar expertise to the table, we want to hear from you.