Senior SOC Analyst

Location: Hybrid - Remote with the requirement to attend team meetings in the Reading office once a month, You'll act as a senior technical point of escalation within the SOC, leading complex investigations and driving continuous improvement across tooling, detection capability and response processes., Working closely with DevOps, infrastructure and engineering teams to improve security posture and response capability.

Strong experience in senior SOC / blue team / security operations roles.

Hands-on SIEM engineering and detection tuning experience.

Proven ownership of complex incident response and investigations.

Cloud security experience across Azure and AWS.

Experience automating SOC workflows and response processes.

Threat hunting experience beyond basic log review.

Comfortable engaging directly with technical stakeholders.

Able to prioritise and operate effectively under pressure.

Useful but not essential

Microsoft Sentinel experience.

Container or Kubernetes environments.

CI/CD security tooling exposure.

Red or purple team experience.

Why this opportunity

Senior ownership and autonomy.

Ballantyne Technology is working exclusively on a senior-level Security Operations opportunity with an international, industry leading software business operating in a modern cloud environment. This is not a traditional SOC role focused on alert handling. The position sits at the senior technical level and combines incident leadership, detection engineering, threat hunting and automation. You'll have genuine ownership of security operations maturity rather than working in a ticket-driven environment.