SOC Level 3 Analyst North West / Hybrid CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern 24×7 SOC delivering intelligence-led cyber defence across SMB and enterprise customers. Their security stack includes cutting-edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Role This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering, incident response, and threat hunting activity. As the senior escalation point within the SOC, you will take ownership of high-severity investigations, develop custom detections, enhance SOC tooling, and contribute significantly to the evolution and maturity of the security operations function. You will play a key role in developing processes, guiding junior analysts, supporting customer engagements, and ensuring the SOC continues to deliver high-quality outcomes in fast-moving environments. Requirements 5-7 years in SOC, Incident Response, or cyber defence roles (MSSP experience advantageous). Advanced expertise with: CrowdStrike Falcon EDR (RTR, Forensics, Custom IOA, Identity Protection) LogScale / Next-Gen SIEM (AQL/KQL queries, dashboards, pipelines) SIEM technologies and EDR/MDR workflows in 24×7 security operations Strong automation and scripting skills (Python, PowerShell, Bash). Proficiency investigating threats across Windows, Linux, macOS, and cloud platforms (Azure/AWS). Strong understanding of network forensics, telemetry analysis, packet capture, and log correlation. Key Responsibilities Lead high-severity incident response across endpoint, identity, and cloud environments. Act as the final technical escalation point within the SOC. Conduct proactive threat hunts aligned to MITRE ATT&CK. Build custom detections (LogScale queries, correlation rules, Custom IOA). Perform forensic acquisition, malware analysis, and investigation reporting. Enhance SOC tooling, workflows, automations, and log ingestion processes. Mentor SOC analysts and support enhancements to playbooks and runbooks. Engage in customer-facing incident reviews and cyber posture sessions. Certifications (desirable) CrowdStrike: CCP, CCFR, CCFH GIAC: GCIA, GCFE, GCFA, GCIH OSCP, CREST CRT/CRIA CySA, Security Cloud security certifications (Microsoft/AWS) Soft Skills Excellent communicator, able to simplify complex technical matters. Calm and decisive during live incidents. Strong analytical mindset and mentoring capability. Able to work independently and maintain high-quality documentation. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting