Job Description
Security Monitoring & SIEM AnalystLocation: Berkshire (Onsite)Salary: £45,000 - £60,000 + excellent benefits & trainingSecurity Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only)________________________________________Company OverviewAn exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments.Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats.________________________________________Role OverviewAs a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling.This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities.You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response.________________________________________Key Responsibilities Monitor, analyse, and investigate security alerts across SIEM and security tooling Conduct detailed investigations across log, endpoint, identity, and network telemetry Develop and optimise detection logic and SIEM queries to improve alert fidelity Analyse security events and correlate activity across multiple data sources Support incident response activities, including containment, escalation, and remediation Perform IOC analysis, enrichment, and validation using threat intelligence sources Identify gaps in detection capabilities and contribute to continuous improvement Work closely with infrastructure, SOC, and incident response teams to enhance response capability Produce clear and structured investigation reports and escalation summaries________________________________________Skills & Experience RequiredCore SIEM & Detection Skills Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) Experience writing and tuning queries using: o Kusto Query Language (KQL)o ES|QL / Kibana Query Languageo Splunk SPL Understanding of event correlation, alerting, and detection use-case development________________________________________Technical Foundations Strong knowledge of: o Linux and Windows operating systemso Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs) Experience analysing logs across: o Endpoint, identity, network, and cloud environments________________________________________Threat Detection & Security Tooling Strong knowledge of: o EDR/XDR concepts and workflowso IDS/IPS technologies and signature-based detection Experience working with tools such as: o Microsoft Defender, CrowdStrike, SentinelOne, or similar________________________________________Threat & Adversary Knowledge Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry Familiarity with MITRE ATT&CK framework Evidence of staying up to date with: o Emerging threatso Adversary tradecrafto Defensive techniques________________________________________Incident Handling & Investigation Experience handling security incidents through: o Detection and triageo Investigation and analysiso Handover to Incident Response teams Strong understanding of: o Incident management processeso Host-based forensic concepts Ability to apply post-incident review (PIR) learnings to improve detection and response________________________________________Desirable Experience Experience within a SOC or cyber defence environment Exposure to threat hunting or detection engineering Experience in high-security or regulated environments________________________________________Certifications (Beneficial) Microsoft SC-200 (Security Operations Analyst) GIAC / SANS certifications (GCIH, GCIA, GCED, etc.) CREST (CPIA, CRIA, CCTIA, CCBTP) Other recognised cyber security certifications________________________________________Why Join? Work within a mature Security Operations environment Exposure to advanced SIEM tooling and large-scale environments Strong investment in training, certifications, and progression* Opportunity to develop into: o Senior SIEM Analysto Detection Engineero Threat Hunter________________________________________About AdeccoAdecco is acting as an Employment Agency.
We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.________________________________________ KeywordsSIEM Analyst, Security Monitoring Analyst, SOC Analyst, Cyber Security Analyst, Microsoft Sentinel, Splunk, Elastic SIEM, KQL, SPL, ES|QL, Threat Detection, Incident Response, EDR, IDS/IPS, MITRE ATT&CK, Cyber Defence