SOC Analyst - Level 3

CrowdStrike, Inc.
Birkenhead, United Kingdom
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Birkenhead, United Kingdom

Tech stack

Microsoft Windows
Amazon Web Services (AWS)
Apple Mac Systems
Azure
Bash
Cloud Computing
Cloud Computing Security
Computer Security
Linux
Python
Network Forensics
Packet Analyzer
Powershell
Kusto Query Language
Security Information and Event Management
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
Malware

Job description

This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering, incident response, and threat hunting activity. As the senior escalation point within the SOC, you will take ownership of high-severity investigations, develop custom detections, enhance SOC tooling, and contribute significantly to the evolution and maturity of the security operations function. You will play a key role in developing processes, guiding junior analysts, supporting customer engagements, and ensuring the SOC continues to deliver high-quality outcomes in fast-moving environments., * Lead high-severity incident response across endpoint, identity, and cloud environments.

  • Act as the final technical escalation point within the SOC.
  • Conduct proactive threat hunts aligned to MITRE ATT&CK.
  • Build custom detections (LogScale queries, correlation rules, Custom IOA).
  • Perform forensic acquisition, malware analysis, and investigation reporting.
  • Enhance SOC tooling, workflows, automations, and log ingestion processes.
  • Mentor SOC analysts and support enhancements to playbooks and runbooks.
  • Engage in customer-facing incident reviews and cyber posture sessions.

Requirements

  • 5-7+ years in SOC, Incident Response, or cyber defence roles (MSSP experience advantageous).

  • Advanced expertise with:

  • CrowdStrike Falcon EDR (RTR, Forensics, Custom IOA, Identity Protection)

  • LogScale / Next-Gen SIEM (AQL/KQL queries, dashboards, pipelines)

  • SIEM technologies and EDR/MDR workflows in 24×7 security operations

Strong automation and scripting skills (Python, PowerShell, Bash).

Proficiency investigating threats across Windows, Linux, macOS, and cloud platforms (Azure/AWS).

Strong understanding of network forensics, telemetry analysis, packet capture, and log correlation., * CrowdStrike: CCP, CCFR, CCFH

  • GIAC: GCIA, GCFE, GCFA, GCIH

  • OSCP, CREST CRT/CRIA

  • CySA+, Security+

  • Cloud security certifications (Microsoft/AWS)

Soft Skills

  • Excellent communicator, able to simplify complex technical matters.

  • Calm and decisive during live incidents.

  • Strong analytical mindset and mentoring capability.

  • Able to work independently and maintain high-quality documentation.

About the company

The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern 24×7 SOC delivering intelligence-led cyber defence across SMB and enterprise customers. Their security stack includes cutting-edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting

Apply for this position