Security Analyst
Xact Placements
Reading, United Kingdom
16 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
Senior Compensation
£ 60KJob location
Reading, United Kingdom
Tech stack
Microsoft Windows
API
Amazon Web Services (AWS)
Azure
Computer Security
Intrusion Detection and Prevention
Python
Security Information and Event Management
Microsoft Power Automate
Mitre Att&ck
Microsoft Sentinel
Security Orchestration, Automation & Response
Job description
We're working with a well-established managed services organisation in Reading to find a Senior Security Analyst to join their growing SOC function. This is a hands-on role for someone who genuinely enjoys the detection-and-response side of security - not just monitoring alerts, but tuning the rules behind them, automating the boring bits, and hunting for the threats nobody's noticed yet.
You'll be at the sharp end of incident response, working across SIEM, EDR and XDR platforms, with real ownership over the full incident lifecycle from triage through to closure.
What you'll be doing:
- Owning security incidents end-to-end - triage, investigation, remediation, closure
- Running advanced investigations across SIEM, EDR and XDR platforms
- Designing and tuning SIEM detection rules to cut down false positives
- Mapping detection and response work against the MITRE ATT&CK framework
- Building automated security workflows using tools like Logic Apps, Python and APIs
- Proactively threat hunting using behavioural analytics and threat intelligence
- Monitoring and responding to security events across Azure, Microsoft 365 and AWS
- Investigating identity-based threats - suspicious sign-ins, privilege escalation, that kind of thing
- Supporting endpoint security (EDR, AV, patching)
- Acting as an escalation point for complex or high-risk incidents
- Supporting ISO 27001 and Cyber Essentials compliance
- Mentoring junior analysts and the wider service desk team
Requirements
- Solid experience in a Security Operations or SOC environment
- Hands-on experience with SIEM, EDR and SOAR platforms
- Proven detection engineering and SIEM rule-tuning experience
- Strong grasp of MITRE ATT&CK and similar threat frameworks
- Experience automating processes with Python, Logic Apps or APIs
- Comfortable investigating incidents across cloud, identity and endpoint environments
- Experience with platforms like Microsoft Sentinel, Defender XDR, CrowdStrike or similar
- Knowledge of Azure/AWS security monitoring
- Understanding of ISO 27001 and Cyber Essentials
- CISSP or similar certification desirable but not essential