SOC Analyst

As a SOC Analyst, you'll play a critical role in defending our clients against evolving cyber threats. You'll be at the forefront of detecting, investigating, and responding to security incidents, using leading-edge tools and frameworks to outpace adversaries.

This role is ideal for someone who thrives in fast-paced environments, enjoys problem-solving, and is passionate about strengthening security operations while continuously developing their skills.

Responsibilities

• Monitor, investigate, and respond to security incidents across SIEM, SOAR, EDR, and XDR platforms.

• Triage, analyze, and escalate security alerts and logs from multiple sources (Windows, Linux, MacOS, and network devices).

• Apply frameworks such as MITRE ATT&CK and Cyber Kill Chain to identify adversary tactics and techniques.

• Conduct in-depth event investigations, generate incident reports, and provide actionable remediation recommendations.

• Support vulnerability management activities and contribute to proactive threat hunting initiatives.

• Leverage cyber threat intelligence to anticipate and mitigate emerging risks.

• Collaborate with stakeholders to improve detection capabilities and strengthen overall security posture.

• Maintain accurate and clear documentation of investigations, incidents, and response actions.

• Contribute to continuous improvement of SOC processes, playbooks, and automation efforts.

• Familiarity with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel).

• Ability to read, interpret, and triage alerts/logs effectively.

• Understanding of common threats, Indicators of Compromise (IOCs), and basic attack vectors.

• Solid grasp of networking fundamentals (TCP/IP, DNS, HTTP).

• Strong analytical and problem-solving skills with attention to detail.

• Effective written and verbal communication skills for clear documentation and reporting.

• Experience with at least one of MS Sentinel, QRadar, or Palo Alto XSIAM.

As an equal opportunities' employer, we welcome applications from individuals of all backgrounds. However, for you to be eligible for this role, you must have the valid right to work in the UK. Unfortunately, we do not offer visa sponsorship and have no future plans to do so. You must be a resident in the UK and have been living continuously in the UK for the last 10 years. You must be able to hold or gain a UK government security clearance.

Please note, our SOC Teams operate on a 24x7 rota, to ensure continuous coverage. The rotation includes a mixture of day & night shifts with a pattern designed to balance work-life commitments while maintaining round-the-clock security monitoring.

Preferred technical and professional experience

• Degree-level education in Cyber Security, Digital Forensics, or related discipline (e.g., MSc Cyber Security Science).

• 1-3 years' experience in a Security Operations Center (SOC) environment.

• Professional certifications such as:

• CompTIA Security* ITIL Foundation

• Microsoft SC-200 (or actively working towards)

• Hands-on experience with multiple security platforms, ideally in order of preference:

• Microsoft Sentinel

• QRadar

• Palo Alto (XSIAM, Cortex, etc.)

• LogRhythm

• Familiarity with ticketing and incident management tools (e.g., Jira, ServiceNow).

• Many training opportunities from classroom to e-learning, mentoring and coaching programs and the chance to gain industry recognized certifications

• Regular and frequent promotion opportunities to ensure you can drive and develop your career with us

• Feedback and checkpoints throughout the year

• Diversity & Inclusion as an essential and authentic component of our culture through our policies and process as well as our Employee Champion teams and support networks

• A culture where your ideas for growth and innovation are always welcome

• Internal recognition programs for peer-to-peer appreciation as well as from manager to employees

• Tools and policies to support your work-life balance from flexible working approaches, sabbatical programs, paid paternity leave, maternity leave and an innovative maternity returners scheme

• More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Program, life assurance and a group personal pension plan of an additional 5% of your base salary paid by us monthly to save for your future.

Your role and responsibilities

At IBM CIC, we provide technical and industry expertise to a wide range of public and private sector clients in the UK. A career in IBM CIC means you'll have the opportunity to work with leading professionals across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. You will get the chance to deliver effective solutions, driving meaningful business change for our clients, using some of the latest technology platforms. Curiosity and a constant quest for knowledge serve as the foundation to success here. You'll be encouraged and supported to constantly reinvent yourself, focusing on skills in demand in an ever changing market. You'll be working with diverse teams, coming up with creative solutions which impact a wide network of clients, who may be at their site or one of our CIC or IBM locations. Our culture of evolution centres on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.