SOC Analyst

We're recruiting an experienced SOC L2 Analyst / Tier 2 Security Analyst to join a high-performing Security Operations Centre (SOC) environment, supporting the investigation, response and remediation of complex cyber security incidents.

This is a hands-on role focused on incident response, threat detection and forensic investigation, working with enterprise-scale security tooling and collaborating closely with Tier 1, Tier 3 and wider IT teams.

Key Responsibilities

• Investigate and respond to Tier 2 security incidents, including malware, ransomware, data breaches and APTs

• Analyse alerts using SIEM tools (Splunk) and EDR platforms (Microsoft Defender)

• Perform incident forensics, root cause analysis and impact assessments

• Own escalations from SOC L1 and provide technical guidance and quality assurance

• Support containment, eradication and recovery activities

• Produce clear incident reports and technical documentation

• Contribute to detection improvement, playbooks and post-incident reviews

• Proven experience as a SOC Analyst L2 / Tier 2 / Incident Response Analyst

• Strong hands-on experience with Splunk or other SIEM platforms

• Experience with EDR / endpoint detection tools (Defender preferred)

• Solid understanding of incident response, threat hunting and security investigations

• Knowledge of Windows, Linux and enterprise environments

• Ability to work under pressure in a SOC environment

Desirable

• Cyber security certifications (GIAC, GCIH, GCIA, GCFA, CISSP)

• Digital forensics or malware analysis experience

This role suits someone who enjoys owning incidents end-to-end rather than monitoring alerts.