SOC Analyst

Experis
Charing Cross, United Kingdom

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Charing Cross, United Kingdom

Tech stack

Computer Security
Intrusion Detection and Prevention
Microsoft Security Essentials
MITRE ATT&CK
Azure Security Center
Cybercrime

Job description

  • Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint security tools.
  • Conduct in-depth investigations of security events, escalating and containing incidents as required.
  • Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency.
  • Collaborate with internal teams to support security operations, threat analysis, and incident recovery.
  • Produce clear incident documentation, reports, and recommendations for continuous improvement.
  • Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows.

Requirements

Microsoft Security Stack

  • Experience triaging and managing Microsoft security alerts from the Microsoft Security Center / Microsoft Defender portal
  • Microsoft Defender for Endpoint (MDE): advanced or enterprise-level operational expertise, including investigations, threat hunting, and response

Trellix (ePO)

  • Hands-on experience with configuration, policy management, agent deployment, and alert handling

SentinelOne

  • SOC operations experience including tuning, alert triage, threat investigation, and incident response

General Requirements

  • Proven experience in a hands-on SOC Analyst role within an enterprise environment
  • Strong understanding of security operations, threat detection, and incident response workflows
  • Excellent communication skills and the ability to work effectively within a collaborative SOC team

Desirable Skills

  • Experience with incident documentation and reporting
  • Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001)
  • Ability to adapt quickly to new tools, threats, and operational priorities
  • Any relevant certifications (e.g., Security+, CySA+, Microsoft SC-series, GIAC)