SOC Analyst

JAM Recruitment
Hereford, United Kingdom
26 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
£ 157K

Job location

Hereford, United Kingdom

Tech stack

Microsoft Windows
CompTIA Security+
Computer Security
Linux
Human-Computer Interaction
Identity and Access Management
Information Technology Operations
Networking Basics
Phishing
Security Support Provider Interface
Security Information and Event Management
Mitre Att&ck
QRadar
Malware
Cybercrime
Microsoft Sentinel
Splunk

Job description

Level 1 SOC Cyber Analyst to join the TMCT security team to serve as the first internal responder to alerts generated by our outsourced SOC provider. In this role the individual will perform initial triage, conduct low level investigations, interact directly with end users and asset owners, and escalate verified incidents for advanced analysis and response. The level 1 SOC analyst will act as a key link between our internal security team and the external SOC, ensuring that potential threats are quickly validated, documented, and routed through appropriate channels for resolution., * Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact.

  • Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts).
  • User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g.asset isolation, password reset).
  • Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation.
  • Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements.
  • Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness.
  • Playbook Execution: follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies.
  • Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape.

Requirements

  • 2-4 years of experience in a SOC, IT Operations, or security support role.
  • Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation.
  • Working knowledge of network fundamentals, windows/Linux system logs and authentication systems.
  • Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar).

Desirable:

  • Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001).

Qualifications:

Desirable:

  • CompTIA Security+, CySA+ or other entry level certification.

Apply for this position