Security Operations Centre Analyst

London Westminster (hybrid working - occasional site visits)

12 months +

Security clearance will be required / DV application upon starting.

Monday to Friday, shift rota between 7 am and 7 pm (e.g., 7 am-3 pm and 11 am-7 pm).

• Operational cyber security experience in a SOC environment.
• Experience as a senior analyst, acting as an escalation point for investigations.
• Experience building and maintaining alerts, dashboards, and playbooks.
• Experience analysing logs, network traffic, and security events.
• Knowledge of network security, endpoint security, identity security, and cloud monitoring.
• Understanding of Windows, Linux, Active Directory, and cloud environments.
• Strong experience with SIEM platforms.
• Ability to manage competing priorities, balancing operational delivery with continuous improvement of controls, rules, and processes.
• Strong analytical skills and a structured approach to solving complex problems.
• Clear written and verbal communication skills.
• Candidate should hold a bachelor's degree or equivalent qualification in computer science, information technology, or a related field.

• Experience working in an air-gapped environment.
• Relevant cyber security certifications and/or equivalent experience.
• CompTIA (or equivalent) certifications.
• Security vendor certifications.

• Incident investigation reports.
• Detection rules and tuning recommendations.
• Threat hunting findings.
• SOC operational metrics and reporting.
• Updated playbooks and response procedures.
• Security improvement recommendations.

Hybrid working with two days in office in London Westminster.