SOC Analyst
other jobs Reed
Added before 8 hours
- England,Yorkshire and The Humber,South Yorkshire,Sheffield
- Full Time, Contract
- Salary negotiable
Job Description:
Full job descriptionSOC Analyst
*Daily Rate: Inside IR35
*Location: Sheffield
*Job Type: Hybrid (2-3 days on-site)
Join our Cyber Defence Centre (CDC) as a SOC Analyst. This is a crucial hands-on operational role within Security Operations, focused on incident detection, investigation, and response. You will play a pivotal role in ensuring effective monitoring, triage, and response to security events, while also driving continuous improvement and detection engineering initiatives.
Day-to-day of the role:
*Incident Detection & Response:*Investigate and respond to security incidents and alerts escalated from Tier 1 / Tier 2 SOC.
*Perform in-depth analysis and triage of security events, identifying threats and determining impact.
*Support high-severity incident response as required, working closely with Incident Responders.
*Operational Monitoring:*Manage and resolve security tickets within agreed SLAs.
*Review alerts from multiple security tools and platforms.
*Ensure accurate documentation and tracking of incidents within ServiceNow.
*Detection Engineering:*Contribute to detection engineering activities on a rotational basis.
*Develop and tune detection rules to improve alert quality and reduce false positives.
*Write and optimise queries (e.g., KQL) across SIEM platforms.
*Collaboration & Support:*Work closely with internal teams and third-party providers to investigate and resolve incidents.
*Support MSSP interactions and escalations where required.
*Participate in incident bridge calls during major incidents.
*Continuous Improvement:*Identify lessons learned from incidents and contribute to improving processes and controls.
*Provide feedback on detection gaps and opportunities for enhancement.
*Focus on delivering value from incidents, not just ticket closure.
Required Skills & Qualifications:
*Core Experience:*Proven experience working within a SOC environment (Tier 2 / Tier 3 preferred).
*Strong background in incident investigation and response.
*Experience handling escalated alerts and security tickets.
*Technical Skills:*Experience with SIEM platforms (e.g., Microsoft Sentinel).
*Experience with EDR/XDR tools (e.g., CrowdStrike).
*ServiceNow or similar ITSM/SecOps platforms.
*Ability to write and optimise KQL queries (essential).
*Knowledge of scripting/query languages (e.g., Falcon Query Language) is advantageous.
*Analytical Capability:*Strong investigative and problem-solving skills.
*Ability to correlate data across multiple sources.
*Understanding of common attack techniques and threat vectors.
*Soft Skills:*Strong communication and collaboration skills.
*Ability to work effectively in a fast-paced operational environment.
*Proactive mindset with focus on continuous improvement and quality outcomes.
To apply for this SOC Analyst position, please submit your CV and a member of the Talent Team will be in touch.
*Daily Rate: Inside IR35
*Location: Sheffield
*Job Type: Hybrid (2-3 days on-site)
Join our Cyber Defence Centre (CDC) as a SOC Analyst. This is a crucial hands-on operational role within Security Operations, focused on incident detection, investigation, and response. You will play a pivotal role in ensuring effective monitoring, triage, and response to security events, while also driving continuous improvement and detection engineering initiatives.
Day-to-day of the role:
*Incident Detection & Response:*Investigate and respond to security incidents and alerts escalated from Tier 1 / Tier 2 SOC.
*Perform in-depth analysis and triage of security events, identifying threats and determining impact.
*Support high-severity incident response as required, working closely with Incident Responders.
*Operational Monitoring:*Manage and resolve security tickets within agreed SLAs.
*Review alerts from multiple security tools and platforms.
*Ensure accurate documentation and tracking of incidents within ServiceNow.
*Detection Engineering:*Contribute to detection engineering activities on a rotational basis.
*Develop and tune detection rules to improve alert quality and reduce false positives.
*Write and optimise queries (e.g., KQL) across SIEM platforms.
*Collaboration & Support:*Work closely with internal teams and third-party providers to investigate and resolve incidents.
*Support MSSP interactions and escalations where required.
*Participate in incident bridge calls during major incidents.
*Continuous Improvement:*Identify lessons learned from incidents and contribute to improving processes and controls.
*Provide feedback on detection gaps and opportunities for enhancement.
*Focus on delivering value from incidents, not just ticket closure.
Required Skills & Qualifications:
*Core Experience:*Proven experience working within a SOC environment (Tier 2 / Tier 3 preferred).
*Strong background in incident investigation and response.
*Experience handling escalated alerts and security tickets.
*Technical Skills:*Experience with SIEM platforms (e.g., Microsoft Sentinel).
*Experience with EDR/XDR tools (e.g., CrowdStrike).
*ServiceNow or similar ITSM/SecOps platforms.
*Ability to write and optimise KQL queries (essential).
*Knowledge of scripting/query languages (e.g., Falcon Query Language) is advantageous.
*Analytical Capability:*Strong investigative and problem-solving skills.
*Ability to correlate data across multiple sources.
*Understanding of common attack techniques and threat vectors.
*Soft Skills:*Strong communication and collaboration skills.
*Ability to work effectively in a fast-paced operational environment.
*Proactive mindset with focus on continuous improvement and quality outcomes.
To apply for this SOC Analyst position, please submit your CV and a member of the Talent Team will be in touch.
Job number 3754966
Increase your exposure to recruiters with ProJobs
Thousands of recruiters are looking for you in the Job Master profile database, increase your exposure 4 times with a ProJob subscription
You can cancel your subscription at any time.