What you will be doing:
1. Monitoring and analysing security alerts and events, conducting initial investigations and determining the appropriate response.
2. Escalating complex incidents to Senior Analysts for deeper analysis and resolution.
3. Managing SOC incident queues to ensure timely and effective response.
4. Maintaining and improving asset baselines across customer environments.
5. Producing clear, insightful reports for both technical and non-technical audiences.
6. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence.
7. Working collaboratively to protect critical data and technology platforms.
8. Documenting incidents, findings and recommended mitigations.
9. Supporting the continual improvement of SOC processes and procedures.
What you will bring:
1. Hands-on experience with Microsoft Sentinel and Splunk.
2. Knowledge of the MITRE ATT&CK framework.
3. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security.
4. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.).
5. Strong analytical thinking and structured problem solving.
6. The ability to prioritise, manage multiple tasks and work effectively under pressure.
7. An entry-level cyber security certification (Security+, CEH, CPSA) or similar.
It would be great if you had:
1. Scripting or programming skills (Python, PowerShell, Bash, Perl, C++).
2. Broader SIEM experience (QRadar).
3. Additional SOC or CREST certifications.
If you are interested in this role but not sure whether your skills and experience are exactly what we're looking for, please do apply; we'd love to hear from you!
Employment Type: Permanent
Location: Hemel Hempstead
Security Clearance Level: Eligible for Security Clearance
Internal Recruiter: Lee
Salary: Dependent on experience
Benefits: 25 days annual leave with the choice to buy extra days, Health Care plan, life assurance, and pension