Tesco UK • Welwyn Garden City • Hybrid • Full-Time • Working hours 36 • Apply by 31-Jul-2026
As a Security Analyst III, you will be the technical authority within the SOC, leading high-quality investigations and proactive threat hunting to protect the organisation from evolving threats. This hands‑on role combines advanced technical expertise with leadership, coaching analysts, driving SOC maturity, and optimising tools and processes to set the standard for excellence across the team.
You will act as a role model for SOC Analysts, coaching and guiding them to elevate technical capability and analytical rigour. Beyond day‑to‑day operations, you will lead maturity objectives, optimise SOC tooling, and identify opportunities for automation, AI integration, and impactful service improvements. You will also play a key role within the CSIRT team, collaborating on major incidents.
What is in it for you
We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work.
* Annual bonus scheme of up to 20% of base salary
* Holiday starting at 25 days plus a personal day (plus Bank holidays)
* Private medical insurance
* 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave
* Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
You will be responsible for
* Deliver high-quality investigative analysis to ensure rapid and accurate incident resolution.
* Act as the escalation point and technical authority for complex SOC investigations.
* Lead proactive threat-hunting initiatives to identify and mitigate emerging threats before they impact the business.
* Role-model analytical excellence and decision-making, setting the benchmark for SOC performance.
* Coach and mentor analysts to build technical depth and confidence across the team.
* Drive SOC maturity objectives, improving processes, tooling, and automation for greater efficiency.
* Enhance SOC tool utilisation, including workflow optimisation.
* Identify and implement automation, AI-driven enhancements, and playbook developments.
* Support CSIRT activities during major incidents, ensuring coordinated and effective response.
* Monitor MSSP performance, ensuring alert triage and investigations meet quality and timeliness standards.
You will need
* Over 2 years' experience working in an internal SOC or 3 years at an MSSP in a senior role.
* Deep knowledge of cybersecurity frameworks: MITRE ATT&CK, Cyber Kill Chain, Incident Response Lifecycle, Pyramid of Pain.
* Expertise in threat hunting and advanced investigative analysis.
* Deep understanding of attacker tactics, techniques, and procedures (TTPs) and threat actor behaviours.
* Proficiency in SIEM/XDR platforms and tuning detection logic, use cases, and alert optimisation.
* Advanced querying and scripting skills (e.g., KQL, SPL) for data analysis and threat detection.
* Ability to recommend tooling enhancements and process improvements to strengthen SOC capability.
* Practical knowledge of networks, operating systems, and scripting for investigative purposes.
* Experience in leading technical initiatives and driving service maturity improvements.
* Demonstrated ability to coach and develop team members, fostering technical excellence.
Desirable
* GIAC certifications
* Other relevant certifications such as CISSP or CISM will be considered.
* A relevant degree, with professional experience.
#J-18808-Ljbffr