CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting
A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern 24x7 SOC delivering intelligence-led cyber defence across SMB and enterprise customers. Its security stack includes cutting-edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment.
SOC Level 3 Analyst (North West / Hybrid)
This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering, incident response, and threat hunting activity. As the senior escalation point within the SOC, you will take ownership of high‑severity investigations, develop custom detections, enhance SOC tooling, and contribute significantly to the evolution and maturity of the security operations function.
Key responsibilities include:
* Lead high‑severity incident response across endpoint, identity, and cloud environments.
* Act as the final technical escalation point within the SOC.
* Conduct proactive threat hunts aligned to MITRE ATT&CK.
* Build custom detections (LogScale queries, correlation rules, Custom IOA).
* Perform forensic acquisition, malware analysis, and investigation reporting.
* Enhance SOC tooling, workflows, automations, and log ingestion processes.
* Mentor SOC analysts and support enhancements to playbooks and runbooks.
* Engage in customer‑facing incident reviews and cyber posture sessions.
Requirements:
* 5‑7+ years in SOC, Incident Response, or cyber defence roles (MSSP experience advantageous).
* Advanced expertise with CrowdStrike Falcon EDR (RTR, Forensics, Custom IOA, Identity Protection).
* Proficiency with LogScale / Next‑Gen SIEM (AQL/KQL queries, dashboards, pipelines).
* Strong automation and scripting skills (Python, PowerShell, Bash).
* Experience investigating threats across Windows, Linux, macOS, and cloud platforms (Azure/AWS).
* Strong understanding of network forensics, telemetry analysis, packet capture, and log correlation.
Certifications (desirable):
* CrowdStrike: CCP, CCFR, CCFH
* GIAC: GCIA, GCFE, GCFA, GCIH
* OSCP, CREST CRT/CRIA
* CySA+, Security+
* Cloud security certifications (Microsoft/AWS)
Soft skills:
* Excellent communicator, able to simplify complex technical matters.
* Calm and decisive during live incidents.
* Strong analytical mindset and mentoring capability.
* Able to work independently and maintain high‑quality documentation.
Seniority level
* Mid‑Senior level
Employment type
* Full‑time
Job function
* Information Technology
Industries
* Computer and Network Security