SOC Analyst Level 2
Homebased (UK)
Competitive salary
Technology focus: Microsoft Sentinel SIEM & Microsoft Defender (MDE/XDR)
This role sits at Level 2 within the Security Operations Centre (SOC) and is responsible for managing and investigating escalated security incidents. The role focuses on analysing alerts, assessing business impact, applying threat intelligence, and recommending appropriate response and escalation actions. You will work closely with Level 1 analysts, senior incident responders, and resolver teams to ensure incidents are handled effectively and documented clearly.
Eligibility for SC clearance required
Skill Set - SOC Analyst Level 2 (Sentinel SIEM & MDE/XDR)
Qualifications & Experience
Essential
* Demonstrable experience working in a Security Operations Centre (SOC) or equivalent cyber security operations role
* Demonstrable experience using Microsoft Sentinel and Microsoft Defender for Endpoint in a live SOC environment
* Strong understanding of enterprise security concepts, including endpoint security, identity threats, malware behaviour, and lateral movement
Desirable
* Industry certifications such as SC-200 (Microsoft Security Operations Analyst)
* BSc Computing in Engineering or Information Systems
* CompTIA Security+
* CEH or equivalent
* Strong scripting or automation experience (e.g. KQL, PowerShell, Python) to enhance investigation efficiency
* Experience working in regulated or high-security environments (e.g. government, critical national infrastructure)
Nice to Have
* Exposure to MITRE ATT&CK mapping, detection engineering, or purple-team activities
* Experience contributing to SOC reporting, dashboards, or executive summaries
How this role aligns to Capita's values
Customer First Always
By accurately assessing the business impact of security incidents and recommending proportionate response actions, the SOC Analyst Level 2 helps protect customer services, data, and trust.
Fearless Innovation
The role actively improves detection and response by tuning Sentinel analytics, leveraging advanced KQL hunting, and applying threat intelligence to stay ahead of emerging cyber threats.
Achieve Together
Working closely with Level 1 analysts, Level 3 specialists, and resolver teams across infrastructure, cloud, and endpoint services, the role ensures incidents are managed collaboratively and effectively end-to-end.
Everyone is Valued
Through clear communication, thorough investigation documentation, and knowledge sharing within the SOC, the role supports an inclusive, learning-focused team where contributions and expertise are recognised.
What’s in it for you?
* Remote – work from wherever you’re happiest in the UK
* Competitive Salary
* 23 days’ holiday, rising to 27 (pro rata) – plus the option to buy more after qualifying period
* Paid volunteering day with a charity of your choice
* Generous family leave policies – including 15 weeks fully paid maternity, adoption, and shared parental leave
* Cycle2Work scheme, pension, life assurance, and more
Equal Opportunity and Diversity
We are committed to building a workforce that reflects the diversity of the communities we serve. As part of our strategic goals, we are focused on accelerating gender and ethnic representation in leadership roles. We warmly encourage applications from women and individuals from Black, Asian, and other ethnic minority backgrounds.
We’re an equal opportunity and Disability Confident employer, which means we recruit and develop people based on their merit and passion. We’re committed to providing an inclusive, barrier-free recruitment process and working environment for everyone. If you need the job description or application form in an alternative format (such as large print or audio), or if you’d like to discuss other changes or support you might need going forward, please email reasonableadjustments@capita.com and we’ll get back to you. For more information about equal opportunities and process adjustments, please visit the Capita Careers website.