L3 SOC Analyst (Cyber Security Consultancy)
📍 Glasgow (Hybrid)
🕒 Full-time | 24/7 SOC Environment (includes occasional out-of-hours work)
💰 £55,000 – £70,000 + benefits (depending on experience)
We’re working with a leading cybersecurity consultancy to recruit an experienced L3 SOC Analyst to join their growing Security Operations Centre team.
This is a fantastic opportunity to play a key role in defending a diverse client base against advanced cyber threats, while also mentoring junior analysts and shaping SOC capabilities.
The Role
As an L3 SOC Analyst, you’ll act as a senior escalation point within a 24/7 SOC, leading complex investigations and driving incident response activities. You’ll work closely with threat intelligence, engineering, and client teams to continuously improve detection and response capabilities.
Key Responsibilities
* Act as the final escalation point for security incidents and alerts
* Lead and coordinate incident response for high-severity threats
* Perform advanced threat hunting and forensic investigations
* Analyse logs from SIEM, EDR, NDR, and cloud security tools
* Develop and refine detection rules and use cases
* Support SOC maturity improvements and playbook development
* Mentor and support L1/L2 analysts
* Produce detailed incident reports and client-facing communications
Skills & Experience Required
* Proven experience in a SOC environment (L2/L3 level)
* Strong hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar)
* Experience with EDR/XDR tools (e.g., CrowdStrike, Defender, Carbon Black)
* Solid understanding of threat detection, incident response, and MITRE ATT&CK
* Experience in threat hunting and log analysis
* Knowledge of network protocols, endpoints, and cloud environments
* Scripting skills (Python, PowerShell, or similar) are desirable
* Relevant certifications such as GCIA, GCIH, CySA+, or CISSP are a plus
What’s on Offer
* Competitive salary (£55k–£70k depending on experience)
* Hybrid working model (Glasgow-based)
* Exposure to a wide range of clients and industries
* Opportunity to work with cutting-edge security technologies
* Clear progression into SOC Lead / Threat Hunting / Incident Response roles
* Ongoing training and certification support
Additional Information
* This role operates within a 24/7 SOC, so some out-of-hours work and shift flexibility will be required
* Candidates must have the right to work in the UK