Security Operations Centre Analyst

As part of our team, you will play a key role in strengthening and maturing our SOC services, helping deliver smart, efficient and high-impact security outcomes for our clients. You won't just monitor alerts, you will investigate, improve detection capability, influence processes, and help shape how we defend modern environments.

You will gain exposure to real world threats, diverse technology stacks, and large scale operations, giving you the kind of hands on experience that accelerates careers. If you are curious, analytical, and thrive on solving problems that genuinely matter, this could be your next challenge.

Our team operates a 24/7 SOC. This role involves working day and night shifts and is based at our SOC in Hertfordshire.

What you will be doing:

• Monitoring and analysing security alerts and events, conducting initial investigations and determining the appropriate response.
• Escalating complex incidents to Senior Analysts for deeper analysis and resolution.
• Managing SOC incident queues to ensure timely and effective response.
• Maintaining and improving asset baselines across customer environments.
• Producing clear, insightful reports for both technical and non-technical audiences.
• Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence.
• Working collaboratively to protect critical data and technology platforms.
• Documenting incidents, findings and recommended mitigations.
• Supporting the continual improvement of SOC processes and procedures.

Do you have experience in VPN?, * Hands-on experience with Microsoft Sentinel and Splunk.

• Knowledge of the MITRE ATT&CK framework.
• Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security.
• Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.).
• Strong analytical thinking and structured problem solving.
• The ability to prioritise, manage multiple tasks and work effectively under pressure.
• An entry-level cyber security certification (e.g. Security+, CEH, CPSA) or similar.

It would be great if you had:

• Scripting or programming skills (Python, PowerShell, Bash, Perl, C++).
• Broader SIEM experience (e.g. QRadar).
• Additional SOC or CREST certifications.

Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.