Job: Security Operations (SOC) Analyst
Location: Belfast, Northern Ireland, UK

The Role
The SOC Analyst will be responsible for the day-to-day handling of security threats, vulnerability management, analysis, and response. You will manage security incidents and review security alerts, determine whether security events are false positives, true positives, or false negatives, and work with incident responders on known or suspected security threats. The Analyst will work on log analysis, vulnerabilities and emerging threats, threat hunting and incident response that adhere to best practices and recognized control frameworks. The role will work closely with Information Security and Information Technology professionals to provide security metrics, threat landscape updates and emerging trends.

Responsibilities
- Monitor, analyse and investigate security incidents and events using various tools and technologies, including SIEM, UEBA, threat intelligence and EDR
- Perform security incident and event correlation, analysis and triage using information gathered from a variety of sources within the enterprise
- Generate reports, dashboards, and presentations from security technologies
- Participate in an on-call rotation and provide Tier 1 and Tier 2 support
- Provide analysis of trending security data from a large number of heterogeneous security devices across different layers
- Provide Incident Response (IR) support when analysis confirms an actionable incident
- Communicate and collaborate with stakeholders, including internal customers and senior management, to provide updates on security incidents and ensure proper resolution
- Investigate, document, and report on information security threats and emerging trends
- Integrate technologies and share information with SOC analysts and external teams
- Participate in internal projects and initiatives to increase SOC efficiency and improve SOC tooling
- Improve and challenge existing processes and procedures in an agile and fast-moving environment
- Maintain and update security documentation, including incident reports and KB articles

Core Qualifications
- The permanent right to live and work in the United Kingdom; this job is based in Belfast, Northern Ireland
- Bachelor's degree in a related field (Security, Forensics, Cyber Security, or Computer Science preferred) or equivalent industry-related experience
- At least 2 years' experience working within an information security / cyber security role

Desirable
- Proven experience as a security analyst, incident handler/responder, security engineer, or penetration tester
- Knowledge of security methodologies and processes (e.g., the Cyber Kill Chain and Diamond models, and the MITRE ATT&CK and D3FEND frameworks)
- Knowledge of technical security solutions (such as, but not limited to, firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, EDR, DLP, SOAR, proxies, network behavioural analytics, orchestration, automation and cloud security)
- Deep knowledge of the TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP protocols, network analysis, network/security applications and email security
- Good knowledge of common malware threats and attack methodologies
- Basic knowledge of scripting and programming languages (PowerShell, Python, Bash, .NET, Ruby, Java, C, etc.)
- Desirable professional certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CySA+

Core Competencies
- Accountable for the successful completion of multiple individual projects simultaneously
- Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences
- Manage change and demonstrate adaptability by adjusting priorities, processes or approach as needs dictate
- Work independently as a team representative of Information Security while showing excellent teamwork skills
- Ability to develop thorough documentation and operational playbooks, and to suggest alert enhancements to improve detection capability
- Fundamental knowledge of network and system technologies and practices
- Desire for continual learning of new technologies and development of knowledge and skills

We Offer
- 28 days annual leave plus 10 NI national holidays
- Pension matched up to 7%
- Private health insurance for medical and dental
- Life insurance
- Great work/life balance and flexible working hours
- Monthly catered lunches
- Unlimited drinks and snacks
- Charitable matching gift program

EEO Statement
Apex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.

Disability Statement
Apex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We are dedicated to ensuring equal employment opportunities and providing reasonable accommodations to qualified individuals with disabilities. If you require reasonable accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form. We will work with you to provide the necessary accommodations to ensure your full participation in our hiring process.
09/06/2026
Full time
Role Summary
As a Senior Threat Analyst - Tier I on our Managed Detection and Response (MDR) team, you will provide best-in-class monitoring, detection, and response services to proactively defend customer environments before attacks prevail. You will work alongside and contribute to a team of cyber threat hunters, incident response analysts, engineers, and ethical hackers, using enterprise log analysis and endpoint collection systems to facilitate the investigation, identification, and neutralization of cyber threats.

What You Will Do
- Monitor, investigate, and respond to alerts generated by the Sophos security stack (including EDR/XDR capabilities)
- Lead and mentor Tier I Analysts through escalated cases, ensuring thorough and accurate investigation practices
- Perform end-to-end analysis of suspicious activity to assess scope, impact, and risk
- Identify and respond to cyber threats across customer environments using approved playbooks and tooling
- Accurately document findings, investigative steps, and outcomes in the MDR case management platform
- Conduct threat hunting to identify potential threats throughout the MDR customer base
- Investigate phishing emails, suspicious binaries, and behavioral anomalies
- Support detection tuning by identifying recurring false positives and suggesting improvements
- Stay informed on threat actor behaviors, MITRE ATT&CK techniques, and Sophos threat research updates
- Proactively research emerging IOCs, active exploits, and vulnerabilities to stay ahead of evolving threats
- Contribute to internal knowledge bases, documentation, and continuous improvement initiatives
- Participate in shift rotations and ensure timely, detailed handovers between global teams
- Provide detection and response support for active security incidents
- Manage case workflows: create cases, track progress, and follow up with clients until resolution
- Engage with clients via chat, phone, and tickets as part of case handling
- Assist with developing and refining Security Operations processes, playbooks, and tooling feedback

What You Will Bring
Essential
- 3+ years of hands-on experience in a Security Operations Center (SOC), Managed Detection and Response (MDR) environment, or cybersecurity-focused IT role
- Proficient in the use of endpoint and network security tools (e.g., EDR, IDS/IPS, malware detection platforms), with the ability to validate and triage complex alerts
- Working knowledge of Windows operating systems (both workstation and server), with additional experience in Linux (Ubuntu, Debian, Red Hat) or macOS environments
- Ability to interpret and analyze Windows event logs and other telemetry data
- Understanding of core network concepts, including TCP/IP, protocols, routing, and traffic analysis
- Demonstrated experience contributing to real-time incident response efforts and threat investigations
- Exposure to threat hunting methodologies and an understanding of attacker behavior and patterns
- Experience handling active threats, including containment, mitigation, and recovery efforts during security incidents
- Familiarity with techniques such as persistence, privilege escalation, lateral movement, and defense evasion, and the ability to identify these in real-world environments
- Familiarity with common incident response workflows and security operations processes
- Strong analytical thinking and troubleshooting skills, with attention to detail in investigations and case documentation
- Excellent communication skills, with the ability to clearly explain findings to both technical and non-technical audiences
- Customer-first mindset with professionalism and a focus on service excellence
- Must thrive within a team environment as well as on an individual basis
- Natural curiosity and willingness to learn in a fast-paced, ever-changing threat landscape
- A passion for cybersecurity, continuous improvement, and staying current on threat trends
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity or a related field, or equivalent practical experience
- Ability to communicate in English
- Willingness to participate in shift work, including nights, weekends and holidays (our MDR service is 24x7x365)

Desirable
- Familiarity with the MITRE ATT&CK framework and its application in detection and response
- Experience working with SIEM platforms and managing enterprise security telemetry
- Ability to write and interpret SQL queries for data analysis and investigation
- Experience with OSQuery and scripting skills, particularly in PowerShell
- Relevant and practical cybersecurity certifications (e.g., GSEC, GCIA, GCIH, PEN-200, Security Blue Team L1, TCM Academy SOC L1, or similar)

We're proud of the diverse and inclusive environment we have at Sophos, and we're committed to ensuring equality of opportunity. We believe that diversity, combined with excellence, builds a better Sophos, so we encourage applicants who can contribute to the diversity of our team. All applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, sex, gender reassignment, marital status, race, religion or belief, color, age, military veteran status, disability, pregnancy, maternity or sexual orientation. We want to give you every opportunity to show us your best self, so if there are any adjustments we could make to the recruitment and selection process to support you, please let us know.
06/06/2026
Full time
Come and join the Littlefish team!
Work location: Nottingham (Hybrid)
Salary: Up to £35,000 + 20% shift allowance
Shift pattern: 4 days on / 4 days off
Must be eligible for SC Clearance (UK resident for the last 5 years) and NPPV2 clearance

Here at Littlefish, we look for people who can make a real difference and become a giant slayer. As the world around us continues to change, we look for people who grab that change with optimism and excitement. These are the passionate and high-performing people who enjoy and thrive on thinking outside the box. Our current employees are the giant slayers who have made Littlefish who we are today, and you will be the future employees who continue to add the drive, passion, skills and experience as we see Littlefish grow. So, if this is ticking your boxes and you are excited at the thought of working with creative, passionate, energetic, friendly people, we would love to hear from you.

The role and what you'll be getting up to on a day-to-day basis:
As a Tier 2 Cyber Security Analyst, you'll work within the CSOC to detect, investigate, and respond to advanced security threats across customer environments. You'll support the CSOC Manager with day-to-day operations, act as a technical escalation point for analysts, and provide out-of-hours escalation support when required. This is a hands-on technical role where you'll investigate complex alerts, support threat-hunting activities, contribute to the tuning of SIEM detections, and help improve SOC processes and response playbooks. You'll also play an important role in mentoring analysts and supporting the continued development of the SOC's technical capability. Technology innovation is part of our DNA, and this role will continue to evolve as AI-driven detection, automation, and response capabilities are introduced.

You will:
- Investigate, triage, and respond to security alerts across customer environments
- Support the tuning and maintenance of SIEM detection rules alongside senior analysts
- Carry out proactive threat analysis and support threat-hunting activities
- Act as an escalation point for Tier 1 analysts, providing guidance and technical support
- Investigate complex security incidents and contribute to root-cause analysis
- Support continual improvement of SOC processes and response playbooks
- Assist with monthly SOC reporting and contribute insights into customer security posture
- Support client service reviews and communicate cyber risks in clear, business-friendly language
- Conduct security assessments, including vulnerability testing and risk analysis
- Ensure timely, high-quality incident resolution in line with SOC standards and SLAs

Who you are:
You're an experienced cyber security professional with deep SOC experience and a strong technical foundation. You're confident making decisions in high-pressure situations, enjoy solving complex security challenges, and take pride in supporting and developing others. You balance technical excellence with a service-delivery mindset and strong customer engagement.

You will have:
- 2-4 years' experience in a Security Operations or similar cyber role
- Strong experience investigating and responding to cyber security incidents
- Hands-on experience with SIEM, EDR, and email security tooling
- Experience working in a Microsoft XDR SOC
- Strong KQL (Kusto Query Language) skills
- Experience mentoring and supporting analysts at different levels
- Excellent written and verbal communication skills
- Strong analytical thinking, judgement, and attention to detail
- A proactive, self-motivated approach and a passion for cyber security

It's a bonus if you also have:
- Relevant cyber security certifications such as AZ-500, SC-300, SC-100, SC-200, or SANS certifications
- Experience working as part of an incident response function
- Exposure to developing or enhancing detection rules and response playbooks
- Knowledge of vulnerability assessment and remediation processes
- An understanding of balancing business requirements with technical and security standards

What can we offer you?
- Healthcare cash plan, giving you access to online GP appointments, 24/7 access to qualified counsellors and cash back against a range of general healthcare costs
- Referral bonus scheme of £1,000 when you successfully refer a friend
- Access to our LinkedIn Learning platform, with over 16,000 expert-led online tutorials to enhance and achieve your personal and professional goals
- Casual dress policy
- Company pension scheme
- Company social events
- 25 days annual leave plus public/bank holidays
- Purchase of annual leave scheme

Life at Littlefish:
Our company values shape who we are as a business, what we stand for and how we work. Hiring people with our values at heart is very important as we see Littlefish grow.
- I am High Performing: I like to raise the bar, we look at creating opportunities to increase quality and improve efficiency, we strive for service excellence.
- I am Passionate: We build team success and celebrate it together, I am enthusiastic and energetic, I care about the people I work with and we support one another.
- I Have a Can-Do Attitude: I am not afraid to step outside my comfort zone, we are not afraid to challenge the status quo, we get stuff done!

So, if you feel like you can make a tangible difference, apply today, and join us on this journey. Here at Littlefish we aim to be somewhere everyone can be themselves. We are committed to encouraging a diverse and inclusive community where everyone, irrespective of who they are or their background, can feel equal and supported. We encourage applications from people of all backgrounds. Please get in touch if you are concerned about any difficulties you may face during your recruitment process, so we can adjust accordingly. Part of our application process includes a set of ED&I (Equality, Diversity and Inclusion) questions. Please note that each question has a "prefer not to say" option.
05/06/2026
Full time
Come and join the Littlefish team! Work location: Nottingham (Hybrid) Salary: Up to: £35,000 + 20% shift allowance Shift pattern: 4 days on/4 days off Must be eligible for SC Clearance (UK resident for the last 5 years) and NPPV2 clearance Here at Littlefish, we look for people who can make a real difference and become a giant slayer. As the world around us continues to change, we look for people who grab that change with optimism and excitement. These are the passionate and high performing people who enjoy and thrive on thinking outside the box. Our current employees are the giant slayers who have made Littlefish who we are today, and you will be the future employees who continue to add the drive, passion, and add to our skills and experience as we see Littlefish grow. So, if this is ticking your boxes and you are excited at the thought of working with creative, passionate, energetic, friendly people- we would love to hear from you. The role and what you'll be getting up to on a day-to-day basis: As a Tier 2 Cyber Security Analyst, you'll work within the CSOC to detect, investigate, and respond to advanced security threats across customer environments. You'll support the CSOC Manager with day-to-day operations, act as a technical escalation point for analysts, and provide out-of-hours escalation support when required. This is a hands-on technical role where you'll investigate complex alerts, support threat-hunting activities, contribute to the tuning of SIEM detections, and help improve SOC processes and response playbooks. You'll also play an important role in mentoring analysts and supporting the continued development of the SOC's technical capability. Technology innovation is part of our DNA, and this role will continue to evolve as AI-driven detection, automation, and response capabilities are introduced. 
You will:
- Investigate, triage, and respond to security alerts across customer environments
- Support the tuning and maintenance of SIEM detection rules alongside senior analysts
- Carry out proactive threat analysis and support threat-hunting activities
- Act as an escalation point for Tier 1 analysts, providing guidance and technical support
- Investigate complex security incidents and contribute to root-cause analysis
- Support continual improvement of SOC processes and response playbooks
- Assist with monthly SOC reporting and contribute insights into customer security posture
- Support client service reviews and communicate cyber risks in clear, business-friendly language
- Conduct security assessments, including vulnerability testing and risk analysis
- Ensure timely, high-quality incident resolution in line with SOC standards and SLAs

Who you are:
You're an experienced cyber security professional with deep SOC experience and a strong technical foundation. You're confident making decisions in high-pressure situations, enjoy solving complex security challenges, and take pride in supporting and developing others. You balance technical excellence with a service-delivery mindset and strong customer engagement.

You will have:
- 2-4 years' experience in a Security Operations or similar cyber role
- Strong experience investigating and responding to cyber security incidents
- Hands-on experience with SIEM, EDR, and email security tooling
- Experience working in a Microsoft XDR SOC
- Strong KQL (Kusto Query Language) skills
- Experience mentoring and supporting analysts at different levels
- Excellent written and verbal communication skills
- Strong analytical thinking, judgement, and attention to detail
- A proactive, self-motivated approach and passion for cyber security

It's a bonus if you also have:
- Relevant cyber security certifications such as AZ-500, SC-300, SC-100, SC-200, or SANS certifications
- Experience working as part of an incident response function
- Exposure to developing or enhancing detection rules and response playbooks
- Knowledge of vulnerability assessment and remediation processes
- An understanding of balancing business requirements with technical and security standards

What can we offer you?
- Healthcare cash plan. This gives you access to online GP appointments, 24/7 access to qualified counsellors and cash back against a range of general healthcare
- Referral bonus scheme of £1000 when you successfully refer a friend
- Access to our LinkedIn Learning platform, with over 16000 expert-led online tutorials to enhance and achieve your personal and professional goals
- Casual dress policy
- Company Pension Scheme
- Company social events
- 25 days annual leave plus public/bank holidays
- Purchase of annual leave scheme

Life at Littlefish:
Our company values shape who we are as a business, what we stand for and how we work. Hiring people with our values at heart is very important as we see Littlefish grow.
- I am High Performing - I like to raise the bar; we look at creating opportunities to increase quality and improve efficiency; we strive for service excellence.
- I am Passionate - We build team success and celebrate it together; I am enthusiastic and energetic; I care about the people I work with and we support one another.
- I Have a Can-Do Attitude - I am not afraid to step outside my comfort zone; we are not afraid to challenge the status quo; we get stuff done!

So, if you feel like you can make a tangible difference, apply today, and join us on this journey. Here at Littlefish we aim to be somewhere everyone can be themselves. We are committed to encouraging a diverse and inclusive community where everyone, irrespective of who they are or their background, can feel equal and supported. We encourage applications from people of all backgrounds. Please get in touch if you are concerned about any difficulties you may face during your recruitment process, so we can adjust accordingly. Part of our application process includes a set of ED&I (Equality, Diversity and Inclusion) questions. Please note, each question has a "prefer not to say" option.
Job: Security Operations (SOC) Analyst
Location: Belfast, Northern Ireland, UK

The Role
The SOC Analyst will be responsible for day-to-day security threats, vulnerability management, analysis, and response. You will manage security incidents and review security alerts, determining whether security events are false positives, true positives, or false negatives, while working with incident responders on known or suspected security threats. The Analyst will work on log analysis, vulnerabilities and emerging threats, threat hunting and incident response that adhere to best practices and recognized control frameworks. The role will work closely with Information Security and Information Technology professionals to provide security metrics, threat landscape updates and emerging trends.

Responsibilities
- Monitor, analyse and investigate security incidents and events using various tools and technologies including SIEM, UEBA, Threat Intel and EDR
- Perform security incident and event correlation, analysis and triage using information gathered from a variety of sources within the enterprise
- Generate reports, dashboards, and presentations from security technologies
- Participate in an on-call rotation and provide Tier 1 & Tier 2 support
- Provide analysis of trending security data from a large number of heterogeneous security devices across different layers
- Provide Incident Response (IR) support when analysis confirms an actionable incident
- Communicate and collaborate with stakeholders, including internal customers and senior management, to provide updates on security incidents and to ensure proper resolution
- Investigate, document, and report on information security threats and emerging trends
- Integrate technologies and share information with SOC analysts and external teams
- Participate in internal projects and initiatives to increase SOC efficiency and improve SOC tooling
- Improve and challenge existing processes and procedures in an agile and fast-moving environment
- Maintain and update security documentation, including incident reports and KB articles

Core Qualifications
- The permanent right to live and work in the United Kingdom - this job is based in Belfast, Northern Ireland
- Bachelor's degree in a related field (Security, Forensics, Cyber Security, or Computer Science is preferred) or equivalent industry-related experience
- At least 2 years' experience working within an information security / cyber security role

Desirable
- Proven experience as a security analyst, incident handler/responder, security engineer, or penetration tester
- Knowledge of security methodologies and processes (e.g., the Cyber Kill Chain, the Diamond Model, and the MITRE ATT&CK/D3FEND frameworks)
- Knowledge of technical security solutions (such as, but not limited to, firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, EDR, DLP, SOAR, proxies, network behavioural analytics, orchestration, automation and cloud security)
- Deep knowledge of the TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP protocols, network analysis, network/security applications and email security
- Good knowledge of common malware threats and attack methodologies
- Basic knowledge of scripting and programming languages (PowerShell, Python, Bash, .NET, Ruby, Java, C, etc.)

Desirable Professional Certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CySA+

Core Competencies
- Accountable for the successful completion of multiple, individual projects simultaneously
- Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences
- Manage change and demonstrate adaptability by adjusting priorities, processes and approaches as needs dictate
- Work independently as a team representative of Information Security while showing excellent teamwork skills
- Ability to develop thorough documentation and operational playbooks, and to suggest alert enhancements to improve detection capability
- Fundamental knowledge of network and system technologies and practices
- Desire for continual learning of new technologies and developing knowledge / skills

We Offer
- 28 days annual leave plus 10 NI national holidays
- Pension matched up to 7%
- Private health insurance for medical and dental
- Life Insurance
- Great work/life balance and flexible working hours
- Monthly catered lunches
- Unlimited drinks and snacks
- Charitable matching gift program

EEO Statement
Apex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.

Disability Statement
Apex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We are dedicated to ensuring equal employment opportunities and providing reasonable accommodations to qualified individuals with disabilities. If you require reasonable accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form. We will work with you to provide the necessary accommodations to ensure your full participation in our hiring process.
04/06/2026
Full time
Detego Global is on the lookout for a SOC Subject Matter Expert to join our Product Management team. We are looking for a mid to senior SOC analyst with extensive operational experience who is ready to transition into a product-focused role. You will be the voice of the SOC for the development team, translating deep operational security experience into product requirements and strategic direction for advanced SOC command and control tools. You will work closely with product managers, engineers, UX designers, and customers to ensure our products solve real analyst challenges and improve SOC efficiency and effectiveness. This role will provide the right candidate with the opportunity to work on some extremely rewarding projects supporting the development of impactful security operations software while working with a friendly and supportive team. The role has a strong opportunity for growth and will play an integral part in helping shape the future of SOC products and security operations tools.

Reports to: Senior Product Manager
Place of Work: Hybrid Remote/Office in Horsham

Responsibilities and Duties
The SOC Subject Matter Expert role requires a professional who combines extensive SOC operational experience with strategic product thinking to bridge the gap between security operations needs and product development. They will be responsible for providing expert SOC operational guidance throughout the product development lifecycle, defining system-level requirements, and ensuring our products genuinely address the challenges faced by SOC analysts in real-world environments. Their primary responsibility lies in translating SOC analyst pain points, workflows, and use cases into actionable product features, with particular focus on alert/incident prioritisation and intelligent playbook execution that helps analysts make critical security decisions.

Their responsibilities will include:
- Providing expert SOC operational guidance to product management and engineering teams throughout the product development lifecycle.
- Defining and documenting detailed system-level requirements for SOC analyst tools, ensuring alignment with real-world operational needs.
- Translating SOC analyst pain points, workflows, and use cases into actionable product features and user stories.
- Designing and validating alert prioritisation algorithms, incident triage workflows, and automated playbook logic based on operational experience.
- Collaborating with product managers to shape product strategy, roadmap priorities, and feature definitions.
- Conducting customer discovery sessions, interviews, and workshops with SOC teams to gather requirements and validate concepts.
- Creating realistic user personas, journey maps, and workflow diagrams that represent authentic SOC analyst experiences.
- Evaluating competitive SOC tools and industry trends to inform product differentiation and innovation opportunities.
- Participating in proof-of-concept development to validate new features addressing critical analyst decision-making challenges.
- Working with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns.
- Providing technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices.
- Supporting go-to-market activities by creating technical content, conducting product demonstrations, and engaging with prospective customers.
- Mentoring and educating internal teams on SOC operations, threat landscapes, and analyst workflows.
- Ensuring product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models.
- Acting as a trusted SOC and cyber defence expert in customer meetings, workshops, and solution design sessions.
- Supporting pre-sales engagements by articulating operational value, use cases, and real-world applicability.
- Delivering product demonstrations and technical briefings tailored to SOC practitioners, security leaders, and decision-makers.
- Translating complex SOC workflows and technical concepts into clear, compelling narratives for customers and stakeholders.
- Supporting go-to-market activities through technical content creation, presentations, and customer engagement.

Skills and Experience
- Minimum 6 years of hands-on experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead
- Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management
- Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack
- Strong knowledge of threat detection methodologies, alert correlation, and incident prioritisation frameworks
- Expert-level understanding of the MITRE ATT&CK framework and its practical application in SOC operations
- Proven ability to identify operational inefficiencies and translate them into product improvement opportunities
- Experience developing or optimising SOC playbooks, runbooks, and standard operating procedures
- Excellent communication skills with the ability to articulate complex security concepts to both technical and business audiences
- Strong analytical and strategic thinking capabilities
- Understanding of common attack patterns, threat actor TTPs, and the evolving threat landscape
- Ability to balance ideal security outcomes with practical operational constraints and business realities
- Strong problem-solving skills and willingness to roll up one's sleeves to get the job done
- Skilled at working effectively with cross-functional teams in a matrix organisation
- 8+ years of progressive SOC experience including team leadership or senior analyst responsibilities.
- Experience in Tier 2 or Tier 3 SOC roles with incident response and threat hunting responsibilities.
- Previous involvement in SOC tool evaluation, selection, or implementation projects.
- Experience with security automation, SOAR platforms, or playbook development.
- Experience working with or partnering with SOC/SIEM/EDR vendors and MSSP (Managed Security Service Provider) vendors.
- Familiarity with product management principles, agile methodologies, or requirements gathering processes.
- Experience presenting to executive leadership or external stakeholders.
- Knowledge of multiple SIEM platforms (Splunk, QRadar, Sentinel, Chronicle, etc.) and their operational strengths/weaknesses.
- Understanding of SOC metrics, KPIs, and performance measurement frameworks.
- Security certifications (e.g., GCIH, GCIA, GCFA, CISSP, GMON) demonstrating advanced security operations expertise.
- Experience working in regulated industries or with compliance-driven security operations.
- Bachelor's degree in cybersecurity, information technology, or a related field.
04/06/2026
Full time
About This Role
The Senior SOC Analyst will be responsible for day-to-day security threats, vulnerability management, analysis, and response. The role involves managing security incidents, reviewing alerts, determining false positives and true positives, and working with incident responders on known or suspected security threats. The analyst will conduct log analysis, vulnerability and emerging-threat analysis, threat hunting, and incident response in alignment with best practices and recognized control frameworks, while mentoring analysts and handling escalations. The analyst will also provide security metrics, threat landscape updates, and emerging trend analyses.

Responsibilities
- Operate within a Security Operations Center (SOC) team environment.
- Monitor, analyse, and investigate security incidents and events using tools such as SIEM, UEBA, Threat Intel, and EDR.
- Perform security incident and event correlation, analysis, and triage using information from multiple sources within the enterprise.
- Generate reports, dashboards, and presentations from security technologies.
- Act as the point of contact for Tier 1 and Tier 2 escalations for in-depth investigations.
- Participate in an on-call rotation.
- Analyse trending security data from heterogeneous security devices across multiple layers.
- Provide Incident Response (IR) support when analysis confirms actionable incidents.
- Communicate and collaborate with stakeholders, including internal customers and senior management, to provide updates on security incidents and ensure proper resolution.
- Investigate, document, and report on information security threats and emerging trends.
- Integrate technologies and share information with SOC analysts and external teams.
- Participate in internal projects to increase SOC efficiency and improve tooling.
- Improve and challenge existing processes and procedures in an agile environment.
- Maintain and update security documentation, including incident reports and KB articles.
- Provide technical expertise, mentor team members, and advise other departments.
- Perform advanced threat hunting activities using custom queries, behavioural analysis, and threat modelling frameworks.
- Develop and maintain security dashboards, metrics, and executive-level reporting.
- Develop and maintain security tools, playbooks, and SOAR workflows to improve SOC efficiency.

Core Qualifications
- Permanent right to live and work in the United Kingdom - the job is based in Belfast, Northern Ireland.
- Bachelor's degree in a related field (Security, Forensics, Cyber Security, Computer Science) or equivalent industry experience.
- At least 5 years of experience in an information security/cyber security role.
- Proven experience as a security analyst, incident handler/responder, security engineer, or penetration tester.
- Knowledge of security methodologies and processes (Cyber Kill Chain, Diamond Model, MITRE ATT&CK/D3FEND).
- Knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, EDR, DLP, SOAR, proxies, network behavioural analytics, orchestration, automation, cloud security).
- Deep knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, HTTP, network analysis, and email security.
- Good knowledge of common malware threats and attack methodologies.
- Proficiency in scripting and programming languages (PowerShell, Python, Bash, .NET, Ruby, Java, C, etc.).
- Experience with Infrastructure as Code.
- Professional certifications such as GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CySA+ (desirable).

Core Competencies
- Ability to manage multiple independent projects simultaneously.
- Effective written and verbal communication for diverse audiences.
- Adaptability to changing priorities and processes.
- Team oriented, representing Information Security with excellent teamwork skills.
- Documentation and operational playbook development, including alert enhancements.
- Mentoring and supporting team members to advance the security program.
- Fundamental knowledge of network and system technologies and practices.
- Commitment to continual learning of new technologies and skills.

Benefits
- 28 days annual leave plus 10 Northern Ireland national holidays.
- Private health insurance (medical, dental, optical).
- Life insurance.
- Competitive salary with an annual bonus.
- Training and development budget.
- Pension matched up to 7%.
- Flexible working hours and hybrid work schedule.
- Monthly catered lunches, unlimited drinks and snacks.
- Charitable matching gift program.

EEO Statement
Apex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.

Disability Statement
Apex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We provide reasonable accommodations to qualified individuals with disabilities who request them. If you require accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form.
01/06/2026
Full time
About This Role
The Senior SOC Analyst will be responsible for day-to-day security threats, vulnerability management, analysis, and response. The role involves managing security incidents, reviewing alerts, determining false positives and true positives, and working with incident responders on known or suspected security threats. The analyst will conduct log analysis, vulnerability and emerging-threat analysis, threat hunting, and incident response in alignment with best practices and recognized control frameworks, while mentoring analysts and handling escalations. The analyst will also provide security metrics, threat landscape updates, and emerging trend analyses.

Responsibilities
Operate within a Security Operations Center (SOC) team environment.
Monitor, analyse, and investigate security incidents and events using tools such as SIEM, UEBA, Threat Intel, and EDR.
Perform security incident and event correlation, analysis, and triage using information from multiple sources within the enterprise.
Generate reports, dashboards, and presentations from security technologies.
Act as the point of contact for Tier 1 and Tier 2 escalations for in-depth investigations.
Participate in an on-call rotation.
Analyse trending security data from heterogeneous security devices across multiple layers.
Provide Incident Response (IR) support when analysis confirms actionable incidents.
Communicate and collaborate with stakeholders, including internal customers and senior management, to provide updates on security incidents and ensure proper resolution.
Investigate, document, and report on information security threats and emerging trends.
Integrate technologies and share information with SOC analysts and external teams.
Participate in internal projects to increase SOC efficiency and improve tooling.
Improve and challenge existing processes and procedures in an agile environment.
Maintain and update security documentation, including incident reports and KB articles.
Provide technical expertise, mentor team members, and advise other departments.
Perform advanced threat hunting activities using custom queries, behavioural analysis, and threat modelling frameworks.
Develop and maintain security dashboards, metrics, and executive-level reporting.
Develop and maintain security tools, playbooks, and SOAR workflows to improve SOC efficiency.

Core Qualifications
Permanent right to live and work in the United Kingdom - job is based in Belfast, Northern Ireland.
Bachelor's degree in a related field (Security, Forensics, Cyber Security, Computer Science) or equivalent industry experience.
At least 5 years of experience in an information security/cyber security role.
Proven experience as a security analyst, incident handler/responder, security engineer, or penetration tester.
Knowledge of security methodologies and processes (Cyber Kill Chain, Diamond Model, MITRE ATT&CK/D3FEND).
Knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, EDR, DLP, SOAR, proxies, network behavioural analytics, orchestration, automation, cloud security).
Deep knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, HTTP, network analysis, and email security.
Good knowledge of common malware threats and attack methodologies.
Proficiency in scripting and programming languages (PowerShell, Python, Bash, .NET, Ruby, Java, C, etc.).
Experience with Infrastructure as Code.
Professional certifications such as GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CySA+ (desirable).

Core Competencies
Ability to manage multiple independent projects simultaneously.
Effective written and verbal communication for diverse audiences.
Adaptability to changing priorities and processes.
Team oriented, representing Information Security with excellent teamwork skills.
Documentation and operational playbook development, including alert enhancements.
Mentoring and supporting team members to advance the security program.
Fundamental knowledge of network and system technologies and practices.
Commitment to continual learning of new technologies and skills.

Benefits
28 days annual leave plus 10 Northern Ireland national holidays.
Private health insurance (medical, dental, optical).
Life insurance.
Competitive salary with an annual bonus.
Training and development budget.
Pension matched up to 7%.
Flexible working hours and hybrid work schedule.
Monthly catered lunches, unlimited drinks and snacks.
Charitable matching gift program.

EEO Statement
Apex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.

Disability Statement
Apex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We provide reasonable accommodations to qualified individuals with disabilities who request them. If you require accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form.
We're looking for a Tier 2 SOC Analyst to join a growing Managed Service Provider in Reading, supporting a portfolio of customers across multiple sectors. You'll act as an escalation point for Tier 1, owning investigations end-to-end - triaging SIEM and EDR alerts, leading incident response, hunting threats using MITRE ATT&CK, and tuning detections to cut noise. You'll also mentor junior analysts and help mature playbooks and runbooks. We're looking for 3+ years in a SOC or MSSP, hands-on with SIEM, EDR, and Microsoft 365 / Entra ID security. KQL or PowerShell scripting, phishing and malware triage experience, and clear written communication are essential. Security+, SC-200, BTL1 or similar certs beneficial.
01/06/2026
Full time
Senior SOC Analyst
UK - 3 days a week in our Manchester office (Suite B, Maple Court, M60 Office Park, Wynne Ave, Swinton, Clifton, Manchester, M27 8FF)
£50-£55k (dependent on experience) + benefits

Focus Group is looking for a Senior SOC Analyst to play a key role within our Managed Security Services team. This is a dual-focused position combining hands-on technical expertise with day-to-day operational leadership, ensuring high-quality delivery of managed detection and response services across a diverse customer base. You'll lead SOC operations, act as the escalation point for complex security incidents, and mentor junior analysts, driving both service excellence and team development.

What you'll do
Lead day-to-day SOC operations, ensuring effective triage, escalation, and communication workflows
Act as the primary escalation point for complex security investigations and incidents
Conduct advanced threat investigations across endpoints, networks, and cloud environments
Perform proactive threat hunting and detection tuning to improve coverage and reduce noise
Manage and mentor Tier 1-2 analysts, supporting development and technical growth
Ensure ticket quality, SLA adherence, and high service standards across SOC operations
Support onboarding of new customers into monitoring and detection platforms
Collaborate with Cyber Security leadership to improve detection strategy and SOC maturity
Analyse logs and security data to identify malicious or suspicious activity
Develop and maintain playbooks, runbooks, and knowledge base content
Produce clear, actionable incident reports for internal and customer stakeholders
Engage directly with customers during escalations, incident reviews, and briefings
Identify opportunities for automation, process improvement, and enhanced detection capabilities
Stay up to date with emerging threats, attack techniques, and MITRE ATT&CK developments

What you'll bring
4-6 years' experience in a SOC or MSSP environment at Tier 2-3 or Lead level
Strong hands-on experience with SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, LogPoint)
Experience with EDR tools such as Microsoft Defender, SentinelOne, or Bitdefender
Deep understanding of MITRE ATT&CK and modern threat detection methodologies
Strong incident response, investigation, and log analysis capability across multiple data sources
Ability to lead during high-pressure incidents with calm, confident decision making
Strong communication skills, including producing clear incident reports and updates
Proven ability to mentor, coach, and support junior analysts
Organised approach with the ability to manage multiple concurrent incidents
Proactive mindset focused on continuous improvement and service optimisation

Nice to have
Certifications such as SC-200, GCIH, GCIA, Security+, or BTL1
Experience in an MSSP or multi-customer environment
Microsoft security stack experience (Defender XDR, Sentinel, M365 security)
Knowledge of cloud security, email security, and vulnerability management
Experience with KQL or other query languages
Scripting skills (PowerShell, Python)
Familiarity with SOAR and threat intelligence platforms
Understanding of compliance frameworks (ISO 27001, NIST, Cyber Essentials)

Future opportunities
SOC Manager / Head of Security Operations
Cyber Security Technical Lead
Detection Engineering Lead
Threat Intelligence Lead
Incident Response Manager
Security Consultant / Advisory
22/05/2026
Full time
City, London
Blackthorn Trace
Blackthorn Trace have partnered with a global leading financial services firm that is building a Cyber Threat team across the UK, US and Canada. The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation states to criminals. In response, my client is creating a Cyber Threat Center charged with ensuring all equities are secure against all tiers of adversaries. You will work within the central hub for Computer Operations and be on the front lines of security incident response, threat hunting, and intelligence.

Hours - 6am - 2.30pm, 2 days per week from home.

Responsibilities
Act as a senior member of the Cyber Threat Center, handling security events and incidents on a daily basis in a fast-paced environment.
Act as an Incident Handler who can handle minor and major security incidents within the defined Computer Security Incident Response process.
The role embodies Cyber Network Defense: a successful Cyber Threat Analyst will be able to quickly analyze threats, understand risk, deploy effective countermeasures, make business-critical incident response decisions, and work as part of a team of individuals dedicated to protecting the firm.
Maintain situational awareness for cyber threats across the global firm and take action where necessary.

Daily responsibilities include, but are not limited to:
Countermeasure deployment across various technologies.
Malware and exploit analysis.
Intrusion monitoring and response.
Assessing alerts and notifications of event activity from intrusion detection systems and responding accordingly to the threat.
Continuing content development of threat detection and prevention systems.
Data analysis and threat research.

Experience and Skills
Systems administrator experience in Linux, Unix, Windows or OSX operating systems.
Knowledge of networking and the common network protocols.
Demonstrated ability to create complex scripts, develop tools, or automate processes.
Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis.
Demonstrated ability to perform static and dynamic malware analysis.
Demonstrated ability to analyze large data sets and identify anomalies.
Demonstrated ability to quickly create and deploy countermeasures under pressure.
Familiarity with common infrastructure systems that can be used as enforcement points.
One or more of the following certifications, or the ability to obtain one within 1 year:
CISSP: Certified Information Systems Security Professional
CCNA: Cisco Certified Network Associate
SANS: GCIH - Incident Handler
SANS: GCIA - Intrusion Analyst

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation. Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.
PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.
15/02/2019