Overview
As a Security Analyst III, you will be the technical authority within the SOC, leading high-quality investigations and proactive threat hunting to protect the organisation from evolving threats. This hands-on role combines advanced technical expertise with leadership, coaching analysts, driving SOC maturity, and optimising tools and processes to set the standard for excellence across the team.
You will act as a role model for SOC Analysts, coaching and guiding them to elevate technical capability and analytical rigour. Beyond day-to-day operations, you will lead maturity objectives, optimise SOC tooling, and identify opportunities for automation, AI integration, and impactful service improvements. You will also play a key role within the CSIRT team, collaborating on major incidents.
Responsibilities
* Deliver high-quality investigative analysis to ensure rapid and accurate incident resolution.
* Act as the escalation point and technical authority for complex SOC investigations.
* Lead proactive threat-hunting initiatives to identify and mitigate emerging threats before they impact the business.
* Role-model analytical excellence and decision-making, setting the benchmark for SOC performance.
* Coach and mentor analysts to build technical depth and confidence across the team.
* Drive SOC maturity objectives, improving processes, tooling, and automation for greater efficiency.
* Enhance SOC tool utilisation, including workflow optimisation.
* Identify and implement automation, AI-driven enhancements, and playbook developments.
* Support CSIRT activities during major incidents, ensuring coordinated and effective response.
* Monitor MSSP performance, ensuring alert triage and investigations meet quality and timeliness standards.
Qualifications
* Over 2 years’ experience working in an internal SOC or 3 years at an MSSP in a senior role.
* Deep knowledge of cybersecurity frameworks: MITRE ATT&CK, Cyber Kill Chain, Incident Response Lifecycle, Pyramid of Pain.
* Expertise in threat hunting and advanced investigative analysis.
* Deep understanding of attacker tactics, techniques, and procedures (TTPs) and threat actor behaviours.
* Proficiency in SIEM/XDR platforms and tuning detection logic, use cases, and alert optimisation.
* Advanced querying and scripting skills (e.g., KQL, SPL) for data analysis and threat detection.
* Ability to recommend tooling enhancements and process improvements to strengthen SOC capability.
* Practical knowledge of networks, operating systems, and scripting for investigative purposes.
* Experience in leading technical initiatives and driving service maturity improvements.
* Demonstrated ability to coach and develop team members, fostering technical excellence.
Desirable
* GIAC certifications.
* Other relevant certifications such as CISSP or CISM will be considered.
* A relevant degree, with professional experience.
What’s in it for you?
* Annual bonus scheme of up to 20% of base salary
* Holiday starting at 25 days plus a personal day (plus Bank holidays)
* Private medical insurance
* 26 weeks maternity and adoption leave (after 1 year’s service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, with 6 weeks fully paid paternity leave
* Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing