Salary: £50,000 - 58,000 per year
Requirements:
- Proven experience working in a Security Operations Centre (SOC)
- Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar)
- Strong understanding of MITRE ATT&CK and modern detection techniques
- Confident analysis across logs, endpoints and network traffic
- Solid knowledge of core networking protocols (TCP/IP, DNS, HTTP, SMTP)
- Awareness of enterprise security tooling (firewalls, AV, VPNs, IDS/IPS)
- Eligibility for DV Clearance (sole British National, UK resident for the past 10 years)
Responsibilities:
- Monitoring, triaging and investigating security alerts in highly secure environments
- Analysing threats using SIEM, endpoint telemetry, network traffic and logs
- Supporting live incident response, escalation and containment activities
- Enhancing detections, rules and playbooks aligned to MITRE ATT&CK
- Producing clear, high-quality incident reports for both technical and senior stakeholders
- Contributing to threat intelligence and proactive defence initiatives
- Staying ahead of emerging TTPs, tooling and adversary behaviour
Technologies:
- HTTP
- Network
- Security
- Splunk
- TCP/IP
We are a high-performing Security Operations Centre located in Hemel Hempstead, UK, dedicated to supporting UK defence, aerospace, and national security programmes. We offer a competitive salary of up to £58K with a 20% shift allowance and operate on a 24/7 shift pattern. Our team plays a critical role in protecting nationally important systems against sophisticated threats, including nation-state activity, while benefiting from a trusted consultancy environment.