SOC Analyst

Infrashift Solutions Limited
Birmingham, United Kingdom
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 35K

Job location

Remote
Birmingham, United Kingdom

Tech stack

Microsoft Windows
API
JIRA
Automation of Tests
Azure
Computer Security
Powershell
Kusto Query Language
Zero Trust Network Access
Runbook
EndPointSecurity
Data Logging
Microsoft InTune
Patch Management
Microsoft Sentinel
ManageEngine

Job description

Own day-to-day security operations across our customer base - monitoring, triage, investigation and response - and help mature our SOC and MDR delivery as we scale., * Monitor and triage alerts across Microsoft Sentinel and Defender XDR for all managed customers.

  • Investigate and respond to security incidents; drive containment, eradication and recovery in line with our incident process and SLAs.
  • Run threat hunting and proactive detection using KQL across Sentinel and the Defender portals.
  • Execute and improve SOC runbooks, including Microsoft Graph Security API automation.
  • Manage vulnerability posture: Defender for Endpoint findings, Secure Score, and remediation tracking with customers.
  • Support endpoint hardening and patch compliance via Intune and ManageEngine Endpoint Central.
  • Maintain thorough documentation: log all changes and keep SOC runbooks and operational records accurate and current.
  • Produce clear customer-facing security reporting and contribute to service reviews.
  • Handle security tickets through Jira Service Management to agreed SLAs.
  • Feed detections, tuning and lessons learned back into our detection engineering and runbooks., * Meet alert-triage and incident-response SLAs across all managed tenants (=95% within target response times).
  • Zero critical vulnerabilities or security findings left untracked beyond agreed remediation windows.
  • Maintain complete, current documentation - all changes logged and runbooks kept up to date.
  • Deliver at least two detection-rule or runbook improvements per quarter.
  • Maintain or improve each managed customer's Microsoft Secure Score against its baseline.

Requirements

  • Hands-on experience in a SOC / security analyst role.
  • Strong working knowledge of Microsoft Sentinel and Defender XDR.
  • Experience administering Microsoft 365 premium licensing (Business Premium / E5) and the associated security workloads.
  • Hands-on with ManageEngine Endpoint Central for UEM and patch management.
  • Proficient in KQL for hunting and detection.
  • Practical incident response experience across the full lifecycle.
  • Working knowledge of Jira / Jira Service Management for ticketing and workflow (required).
  • Strong documentation discipline - logging all changes and maintaining runbooks and operational records.
  • Understanding of Microsoft 365 / Azure security, identity, and Zero Trust principles.
  • Clear written and verbal communication for customer-facing work., * SC-200 (Security Operations Analyst); AZ-500 advantageous.
  • Detection-as-code / automation experience (Graph Security API, PowerShell).
  • MSP or multi-tenant experience.

About the company

Infrashift Solutions is a UK-based Managed Service Provider specialising in Azure CloudOps, FinOps, Infrastructure as Code, and cybersecurity. We manage customers' Microsoft environments end to end on a Microsoft-centric stack with premium licensing - Microsoft 365 Business Premium and E5, Microsoft Sentinel, Defender XDR, and Intune - alongside ManageEngine Endpoint Central for unified endpoint management and patching. Our MDR service is live across multiple customers and growing.

Apply for this position