SOC Incident Response Analyst

Fujitsu
Warrington, United Kingdom
18 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Warrington, United Kingdom

Tech stack

Microsoft Windows
Amazon Web Services (AWS)
Azure
Computer Security
Digital Forensics
Cybercrime

Job description

We are seeking a highly motivated and skilled SOC Incident Response Analyst to join our growing Security Operations Centre. This crucial role focuses on executing incident response activities, contributing to proactive threat hunting initiatives, and working closely with the Cyber Threat Intelligence team to support these efforts.

This is a hands-on technical position requiring a strong understanding of cybersecurity principles and practical experience in forensics and incident response across diverse environments, including on-premises, Azure, AWS, and Microsoft 365 services. You will play a key role in analysing security incidents, participating in threat hunting exercises, and contributing to the overall security of our diverse customer base.

The role demands profound technical expertise in digital forensics and incident response, specifically utilizing both host-based tools and EDR/XDR platforms, coupled with a proactive mindset to identify and respond to evolving cyber threats.

  • Carry out in-depth host and XDR forensics to investigate security incidents, and support containment and eradication efforts.

  • Conduct proactive threat hunting, analysing data for IOCs and TTPs to uncover hidden threats, identify security weaknesses, and support Detection Engineering.
  • Work closely with the Cyber Threat Intelligence team to integrate and utilise threat intelligence to inform incident investigations and threat hunting efforts.
  • Maintain accurate incident records, write comprehensive incident and threat hunting reports, and contribute to post-incident reviews and lessons learned.
  • Stay current with evolving cyber threats and technologies, leveraging formal training (e.g., SANS), certifications, industry events, and self-directed study to stay ahead of evolving threats.
  • Participate in the on-call rotation to provide support for critical incidents.

Requirements

Do you have experience in incident response?

  • Analytical problem-solving: Ability to investigate complex data and identify patterns or anomalies.

  • Collaboration and teamwork: Experience with working across functions to resolve time-pressured issues.
  • Communication: Ability to explain technical findings in a clear manner to technical and non-technical audiences.
  • Adaptability: Comfortable learning new tools, processes and technologies quickly.
  • Decision-making: Able to prioritise actions and make judgements under pressure.
  • Continuous improvement: Committed to documenting lessons learned and improving processes, practices and the skillset of the wider operational team.