SOC L2 Analyst (Security Operations Centre)
We’re recruiting an experienced SOC L2 Analyst / Tier 2 Security Analyst to join a high-performing Security Operations Centre (SOC) environment, supporting the investigation, response and remediation of complex cyber security incidents.
This is a hands-on role focused on incident response, threat detection and forensic investigation, working with enterprise-scale security tooling and collaborating closely with Tier 1, Tier 3 and wider IT teams.
Key Responsibilities
* Investigate and respond to Tier 2 security incidents, including malware, ransomware, data breaches and APTs
* Analyse alerts using SIEM tools (Splunk) and EDR platforms (Microsoft Defender)
* Perform incident forensics, root cause analysis and impact assessments
* Own escalations from SOC L1 and provide technical guidance and quality assurance
* Support containment, eradication and recovery activities
* Produce clear incident reports and technical documentation
* Contribute to detection improvement, playbooks and post-incident reviews
Required Skills & Experience
* Proven experience as a SOC Analyst L2 / Tier 2 / Incident Response Analyst
* Strong hands-on experience with Splunk or other SIEM platforms
* Experience with EDR / endpoint detection tools (Defender preferred)
* Solid understanding of incident response, threat hunting and security investigations
* Knowledge of Windows, Linux and enterprise environments
* Ability to work under pressure in a SOC environment
Desirable
* Cyber security certifications (GIAC, GCIH, GCIA, GCFA, CISSP)
* Digital forensics or malware analysis experience
This role suits someone who enjoys owning incidents end-to-end rather than monitoring alerts.
Apply now to discuss further.