SOC Senior Analyst
Job description
As a Tier 3 Security Analyst, you'll act as a senior technical escalation point within the SOC, supporting the wider analyst team while leading the investigation and response to sophisticated cyber threats and incidents.
You'll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity, and ensure DXC continues to deliver a world-class security monitoring service.
This role operates on Monday to Friday core hours with an on-call commitment from Farnborough.
Security Requirements
Due to the nature of the work, candidates must have current SC clearance and be eligible to obtain UK Government DV clearance.
What You'll Be Doing
- Lead the investigation and response to complex cyber security incidents across high-security customer environments
- Act as a senior escalation point for Tier 1 and Tier 2 analysts during active security events
- Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour
- Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic Stack
- Analyse threat intelligence, indicators of compromise (IOCs), and attacker TTPs to strengthen detection capability
- Produce detailed post-incident reports with clear recommendations and improvement actions
- Support and mentor junior SOC analysts, helping develop technical capability across the team
- Collaborate with customers and internal stakeholders during incidents, communicating clearly with both technical and non-technical audiences
- Contribute to the ongoing evolution and improvement of DXC's SOC services, processes, and operational standards
- Participate in technical forums, knowledge sharing, and continuous improvement initiatives
Requirements
We're looking for someone who enjoys solving difficult security challenges, mentoring others, and operating in fast-paced, high-security environments where collaboration, technical depth, and clear communication are essential. We're interested in individuals who combine strong technical cyber security expertise with leadership, curiosity, and a proactive mindset.
You should have experience in areas such as:
- Security Operations Centre (SOC) environments
- Threat hunting and incident response
- SIEM technologies, ideally Elastic Stack
- Threat intelligence and attacker methodologies
- Windows and Linux operating systems
- Networking fundamentals including protocols, IP addressing, and traffic analysis
- Understanding of modern attacker techniques, including LOLBins and weaponised COTS tooling
- OSINT techniques and cyber threat analysis
- Leading investigations and supporting junior analysts
- Communicating effectively during high-pressure incidents
Desirable Experience
- Experience working within high-security or government-aligned environments
- Exposure to Elastic Stack, Splunk, Sentinel, or similar SIEM platforms
- Security certifications such as:
  - CISSP
  - CISM
  - CompTIA Security+
  - SecurityX
Benefits & conditions
You'll be joining a collaborative and highly skilled cyber team during a period of continued growth, where you'll have the opportunity to:
- Work on complex and meaningful security challenges
- Develop your technical and leadership capability
- Contribute to innovative security operations and threat detection initiatives
- Be part of a supportive environment focused on continuous learning and development
In addition, DXC offers a competitive salary, bonus, and a flexible benefits package designed to support you both professionally and personally - including pension, private medical cover, and wellbeing programmes.
If you're looking for a role where you can make a genuine impact while continuing to grow your cyber security career, we'd love to hear from you.