Level 3 SOC Analyst
Location: Crawley (Hybrid)
Salary: Up to £65,000 (DOE) + Bonus
Type: Permanent / Full-Time
The Opportunity
My client, a leading organisation operating within the Critical National Infrastructure (CNI) energy sector, is looking to appoint an experienced Level 3 SOC Analyst.
This is a senior escalation role within a dedicated Security Operations Centre, working at the forefront of protecting high-value national assets. The successful candidate will act as a technical authority for advanced incident response, threat hunting, and security engineering, with a strong focus on the Microsoft security stack.
Key Responsibilities
* Serve as the primary escalation point for complex incidents and lead on incident response.
* Conduct in-depth threat hunting, forensic investigations, and root cause analysis.
* Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender.
* Provide mentorship and guidance to junior SOC analysts, enhancing team capability.
* Collaborate with IT and OT teams to address unique security requirements across CNI environments.
* Drive improvements in SOC operations, automation, and incident response processes.
* Monitor evolving threats and integrate threat intelligence into daily operations.
* Ensure adherence to industry standards and compliance frameworks (NIS2, CAF, ISO
Skills & Experience Required
* Extensive background in SOC operations, incident response, and threat hunting.
* Expertise with the Microsoft security stack, including:
  * Microsoft Sentinel (SIEM/SOAR)
  * Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365
  * Microsoft Entra ID (Azure AD)
  * Microsoft Purview (compliance and data protection)
* Strong knowledge of attacker tactics and techniques (MITRE ATT&CK).
* Experience in digital forensics and malware analysis.
* Understanding of CNI or energy/utility environments.
* Proficiency in scripting/automation (KQL, PowerShell, Python).
* Excellent communication and stakeholder engagement skills.
Desirable Certifications
* Microsoft Certified: Cybersecurity Architect Expert / Security Operations Analyst Associate
* GIAC (GCIA, GCIH, GCFA, GNFA)
* CISSP / CISM (advantageous)
* Experience of OT/ICS security in energy environments.
Why Join?
* Opportunity to work on mission-critical systems protecting the UK's energy infrastructure.
* Competitive package and clear progression into technical leadership.
* Backing for ongoing training and industry certifications.
Unfortunately, our client is not offering sponsorship at this stage.