Senior SOC Analyst

  • Focus Group
  • Manchester, Lancashire
  • 21/05/2026
  • Full time
  • Information Technology / Telecommunications

Job Description

Senior SOC Analyst

UK - 3 days a week in our Manchester office (Suite B, Maple Court, M60 Office Park, Wynne Ave, Swinton, Clifton, Manchester, M27 8FF)

£50-£55k (Dependent on experience) + benefits

Focus Group is looking for a Senior SOC Analyst to play a key role within our Managed Security Services team. This is a dual focused position combining hands on technical expertise with day to day operational leadership, ensuring high quality delivery of managed detection and response services across a diverse customer base.

You'll lead SOC operations, act as the escalation point for complex security incidents, and mentor junior analysts, driving both service excellence and team development.

What you'll do
  • Lead day to day SOC operations, ensuring effective triage, escalation, and communication workflows
  • Act as the primary escalation point for complex security investigations and incidents
  • Conduct advanced threat investigations across endpoints, networks, and cloud environments
  • Perform proactive threat hunting and detection tuning to improve coverage and reduce noise
  • Manage and mentor Tier 1-2 analysts, supporting development and technical growth
  • Ensure ticket quality, SLA adherence, and high service standards across SOC operations
  • Support onboarding of new customers into monitoring and detection platforms
  • Collaborate with Cyber Security leadership to improve detection strategy and SOC maturity
  • Analyse logs and security data to identify malicious or suspicious activity
  • Develop and maintain playbooks, runbooks, and knowledge base content
  • Produce clear, actionable incident reports for internal and customer stakeholders
  • Engage directly with customers during escalations, incident reviews, and briefings
  • Identify opportunities for automation, process improvement, and enhanced detection capabilities
  • Stay up to date with emerging threats, attack techniques, and MITRE ATT&CK developments
What you'll bring
  • 4-6 years' experience in a SOC or MSSP environment at Tier 2-3 or Lead level
  • Strong hands on experience with SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, LogPoint)
  • Experience with EDR tools such as Microsoft Defender, SentinelOne, or Bitdefender
  • Deep understanding of MITRE ATT&CK and modern threat detection methodologies
  • Strong incident response, investigation, and log analysis capability across multiple data sources
  • Ability to lead during high pressure incidents with calm, confident decision making
  • Strong communication skills, including producing clear incident reports and updates
  • Proven ability to mentor, coach, and support junior analysts
  • Organised approach with the ability to manage multiple concurrent incidents
  • Proactive mindset focused on continuous improvement and service optimisation
Nice to have
  • Certifications such as SC-200, GCIH, GCIA, Security+, or BTL1
  • Experience in an MSSP or multi customer environment
  • Microsoft security stack experience (Defender XDR, Sentinel, M365 security)
  • Knowledge of cloud security, email security, and vulnerability management
  • Experience with KQL or other query languages
  • Scripting skills (PowerShell, Python)
  • Familiarity with SOAR and threat intelligence platforms
  • Understanding of compliance frameworks (ISO 27001, NIST, Cyber Essentials)
Future opportunities
  • SOC Manager / Head of Security Operations
  • Cyber Security Technical Lead
  • Detection Engineering Lead
  • Threat Intelligence Lead
  • Incident Response Manager
  • Security Consultant / Advisory