Lead Incident Response Analyst – Security Operations (Hybrid)
Location: South Wales & Bristol (2 days per week in office)
Circa £55,000 DOE
Join a leading security operations team as a Lead Incident Response Analyst, where you’ll take charge of advanced incident response, proactive threat hunting, and mentoring SOC analysts. Acting as a senior escalation point, you’ll work with cutting-edge Microsoft security tools (Sentinel, Defender suite) and frameworks like MITRE ATT&CK to safeguard clients against sophisticated threats.
What you’ll do:
* Lead containment, eradication, and recovery for high-severity incidents
* Conduct proactive threat hunting and root cause analysis
* Collaborate across SOC teams to improve detection and automation
* Mentor analysts and contribute to early careers programs
What we’re looking for:
* 3+ years SOC experience with strong incident response skills
* Expert in Microsoft Sentinel & Defender suite
* Strong KQL and threat-hunting expertise
* Excellent communication and leadership skills
Hybrid role with on-call rota and opportunities to shape SOC capabilities.