Senior SOC Analyst – Cloud Security / Detection Engineering
Location: Hybrid - Remote with the requirement to attend team meetings in the Reading office once a month
Type: Permanent | Full-time
Sector: Software / SaaS
Salary: £75,000 - £90,000 + 5% annual bonus
Ballantyne Technology is working exclusively on a senior-level Security Operations opportunity with an international, industry leading software business operating in a modern cloud environment.
This is not a traditional SOC role focused on alert handling. The position sits at the senior technical level and combines incident leadership, detection engineering, threat hunting and automation. You’ll have genuine ownership of security operations maturity rather than working in a ticket-driven environment.
The role
You’ll act as a senior technical point of escalation within the SOC, leading complex investigations and driving continuous improvement across tooling, detection capability and response processes.
Typical responsibilities include:
*
Leading complex security incidents end-to-end including investigation, containment, forensics and root cause analysis.
*
Designing, tuning and improving detection across SIEM and EDR platforms.
*
Proactive threat hunting across cloud infrastructure, applications, and CI/CD environments.
*
Building and maintaining automation and response playbooks using SOAR tooling.
*
Working closely with DevOps, infrastructure and engineering teams to improve security posture and response capability.
*
Reducing alert fatigue, improving logging coverage and strengthening SOC maturity.
* Ensure security operations and incident response practices are aligned with industry-recognised frameworks such as ISO 27001.
*
Supporting audit readiness, documentation and operational standards.
*
Mentoring and supporting junior analysts where required.
What I’m looking for
*
Strong experience in senior SOC / blue team / security operations roles.
*
Hands-on SIEM engineering and detection tuning experience.
*
Proven ownership of complex incident response and investigations.
*
Cloud security experience across Azure and AWS.
*
Experience automating SOC workflows and response processes.
*
Threat hunting experience beyond basic log review.
*
Comfortable engaging directly with technical stakeholders.
*
Able to prioritise and operate effectively under pressure.
Useful but not essential
*
Microsoft Sentinel experience.
*
Container or Kubernetes environments.
*
CI/CD security tooling exposure.
*
Red or purple team experience.
Why this opportunity
*
Senior ownership and autonomy.
*
Modern cloud-first environment.
*
Strong investment in tooling and automation.
*
Opportunity to genuinely influence how security operations operate.
*
Hybrid working model.
This is a fantastic opportunity to join an innovative company with a clear mission to revolutionise the Engineering and Construction industry through digitalisation. You will be part of a passionate and creative team that values your contributions and supports your professional development.
Apply Now
If you are ready to take on this challenging and rewarding role, we would love to hear from you. Apply today to join our team and help us build a safer, healthier, and more sustainable future.
Want to know more? For an informal chat around this role and your next career move call/email Jamie Smith at Ballantyne Technology or click the apply button below