Security Monitoring & SIEM Analyst

As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on Real Time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response., * Monitor, analyse, and investigate security alerts across SIEM and security tooling

• Conduct detailed investigations across log, endpoint, identity, and network telemetry
• Develop and optimise detection logic and SIEM queries to improve alert fidelity
• Analyse security events and correlate activity across multiple data sources
• Support incident response activities, including containment, escalation, and remediation
• Perform IOC analysis, enrichment, and validation using threat intelligence sources
• Identify gaps in detection capabilities and contribute to continuous improvement
• Work closely with infrastructure, SOC, and incident response teams to enhance response capability
• Produce clear and structured investigation reports and escalation summaries

Core SIEM & Detection Skills

• Strong knowledge of SIEM platforms (eg Microsoft Sentinel, Splunk, Elastic)

• Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES|QL/Kibana Query Language o Splunk SPL

• Understanding of event correlation, alerting, and detection use-case development

Technical Foundations

• Strong knowledge of: o Linux and Windows operating systems o Core networking concepts (TCP/IP, DNS, HTTP/S, Firewalls, VPNs)

• Experience analysing logs across: o Endpoint, identity, network, and cloud environments

Threat Detection & Security Tooling

• Strong knowledge of: o EDR/XDR concepts and workflows o IDS/IPS technologies and signature-based detection

• Experience working with tools such as: o Microsoft Defender, CrowdStrike, SentinelOne, or similar

Threat & Adversary Knowledge

• Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry
• Familiarity with MITRE ATT&CK framework
• Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques

Incident Handling & Investigation

• Experience handling security incidents through: o Detection and triage o Investigation and analysis o Handover to Incident Response teams

• Strong understanding of: o Incident management processes o Host-based forensic concepts

• Ability to apply post-incident review (PIR) learnings to improve detection and response

Desirable Experience

• Experience within a SOC or cyber defence environment
• Exposure to threat hunting or detection engineering
• Experience in high-security or regulated environments

Certifications (Beneficial)

• Microsoft SC-200 (Security Operations Analyst)
• GIAC/SANS certifications (GCIH, GCIA, GCED, etc.)
• Crest (CPIA, CRIA, CCTIA, CCBTP)
• Other recognised cyber security certifications

An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats., Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.