SOC Analyst – SC Cleared – 12 Month Contract – Hereford

About Your Role:

As the SOC Analyst your role will include:

• Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact.
• Initial Investigation: Perform first-line investigation using available tools (SIEM, device logs, firewall logs and SIEM alerts).
• User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g. asset isolation, password reset).
• Escalation: Escalate confirmed or high-severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation.
• Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements.
• Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness.
• Playbook Execution: Follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies.
• Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisation's threat landscape.

About You:

As an experienced SOC Analyst, your skills and experience may include:

• Previous experience in a SOC, IT Operations, or security support role.
• Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation.
• Working knowledge of network fundamentals, Windows/Linux system logs and authentication systems.
• Working knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, QRadar).
• Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO 27001).