Overview
Job Title: SOC Analyst (Level 2)
Location: Reading (Hybrid - 3 days onsite per week)
Contract: 12 Months (Inside IR35 / £460 per day)
About the Role
We're looking for an experienced SOC Analyst (Level 2) to join a leading cybersecurity team supporting large-scale enterprise environments. This role involves advanced incident detection, response, and proactive threat hunting using cutting-edge tools such as Splunk, Microsoft Sentinel, CrowdStrike, and Defender. You'll play a key role in identifying, investigating, and mitigating security incidents — ensuring timely responses to complex cyber threats such as malware, ransomware, APTs, and data breaches. This is a fantastic opportunity to contribute to high-impact security operations within a dynamic, collaborative environment.
Responsibilities
* Lead investigations and remediation for complex incidents including malware infections, data breaches, and APTs.
* Perform proactive threat hunting using behavioral analytics and threat intelligence feeds.
* Utilize SIEM and EDR tools (e.g., Splunk, Sentinel, CrowdStrike) to monitor and analyze security alerts.
* Conduct detailed forensic analysis to determine incident scope and root cause.
* Collaborate with internal teams to improve detection and response capabilities.
* Document findings, actions, and lessons learned following incidents.
* Support continuous improvement of SOC processes, playbooks, and detection mechanisms.
* Stay up to date with emerging threats, vulnerabilities, and industry trends.
Skills & Experience Required
* 6-8 years of experience in cybersecurity operations, incident response, or threat hunting.
* Proven experience working in a SOC (Tier 2 or higher) handling escalated incidents.
* Strong hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, ArcSight) and EDR tools (CrowdStrike, Defender, Carbon Black, etc.).
* Proficient in incident response and digital forensics (log analysis, malware analysis, network forensics).
* Familiarity with scripting (Python, PowerShell) to automate detection or response activities.
* Solid understanding of security frameworks (e.g., NIST, ISO 27001) and best practices.
* Excellent analytical, troubleshooting, and communication skills.
Desirable Certifications
* CISSP, GCIH, GCFA, GCIA, or equivalent certifications.
* Microsoft Security Operations Analyst (SC-200) certification is a plus.