As a SOC Analyst, you are the first line of defence against cyber threats targeting Admiral Insurance.
You will work as part of a / global Security Operations Centre across three regions, monitoring, triaging, and escalating security alerts affecting critical financial systems, customer data, and user accounts. The role requires seamless collaboration across regions, ensuring continuous security coverage through effective handover.
You will follow structured processes while developing the skills needed to understand how attacks happen and how to investigate them effectively. This role is designed for individuals with a strong interest in cyber security and a willingness to learn quickly in a real-world environment.
Key Responsibilities
Alert Monitoring & Triage
1. Monitor alerts from SIEM platforms, Endpoint detection tools, Identity and access systems.
Perform initial triage
2. Validate whether alerts are true or false positives
3. Classify severity based on defined criteria
4. Identify potential impact on financial systems or users
Investigation
5. Conduct investigations using available tools and playbooks
6. Login activity and user behaviour, Endpoint activity (processes, files, connections) indicators of compromise and threat actor behaviours
7. Gather relevant evidence before escalation
Escalation & Incident Handling
8. Escalate suspicious or confirmed threats to L Analysts
9. Provide clear, structured evidence including what was detected, what has been checked, why it is suspicious/anomalous/malicious
10. Playbook execution following predefined runbooks and response procedures, perform response actions where appropriate, ensure consistency and accuracy in all actions
Regional Handover
Perform structured handovers at shift end, including:
11. Clear summary of active incidents and investigations
12. Outstanding actions, risks, and priorities
13. Relevant evidence, timelines, and analyst observations
14. Ensure no loss of context or investigative continuity during handover
15. Adhere to defined handover standards to maintain operational resilience
Documentation and Continuous Learning
16. Maintain accurate and detailed case notes
17. Log Investigation steps, Findings, Actions taken
18. Ensure documentation meets audit and regulatory standards
19. Build knowledge of common cyber threats phishing, malware, credential theft etc
20. Participate in training sessions, simulated attack exercises, knowledge-sharing within the SOC
Required Skills & Experience
Essential
21. years minimum experience as a Cyber Security Analyst
22. Hands on experience with SIEM or endpoint tools
23. An understanding of Networking (IP, DNS, HTTP)
24. Operating systems (Windows fundamentals)
25. Strong attention to detail
26. Ability to follow structured processes
27. Good written and verbal communication skills
Desirable
28. Cyber labs experience (, TryHackMe, Hack The Box)
29. Entry-level certifications (, CompTIA Security+, SC-)
30. Basic scripting knowledge (PowerShell, Python)
Admiral: Where You Can
We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We’re committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £, of free shares each year after one year of service.
Everyone receives days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.
We’re proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over years! We’re fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics.
Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits
Disability Confident Leader
As a Disability Confident Leader, for candidates with a disability or long-term health condition, that opt into the Disability Confident scheme, we’ll invite a fair and proportionate number of applicants that meet the essential requirements of the role to the first stage of our selection process.
If you need any adjustments or support with your application or during the recruitment process, just let us know. Please do or contact us on. This number is dedicated to supporting candidates that require reasonable adjustments or support during the application process.
LI-GN