24/7 SOC Analyst

SOC Analyst – 24/7 Security Operations

  • Remote (UK) with occasional travel to the Reading office (once per month).
  • Travel costs supported, with breakfast and lunch provided when on-site.
  • Up to £55,000 per annum, plus a comprehensive benefits package.
  • Fully funded training and professional development, including industry certifications.
  • 24/7 Security Operations Centre, operating on a structured shift-based rota.

Areti are delighted to be supporting a rapidly growing cyber security services provider in their search for an SOC Analyst to join their expanding 24/7 UK Security Operations Centre.

This organisation supports a wide range of enterprise customers across Europe, helping them secure and connect complex digital environments. As part of continued investment in round-the-clock security operations, they are looking for an analyst with strong technical foundations who is keen to develop their investigation capability within a modern, continuously evolving SOC.

This role is well suited to someone early in their SOC career, or an infrastructure/networking professional looking to transition into cyber security operations.

The Role

As an SOC Analyst, you'll be working on the frontline of a 24/7 Security Operations Centre, monitoring, investigating, and escalating security events across diverse customer environments.

You'll work closely with Senior and Lead Analysts, gaining hands-on experience investigating real-world incidents and understanding attacker behaviour. You'll use industry-leading platforms including Microsoft Sentinel, Google SecOps, Defender XDR, CrowdStrike Falcon, SentinelOne, and Cortex XSOAR/XSIAM to determine what has happened, how activity progressed, and what actions are required.

You'll be supported through structured training, cyber ranges, and continuous exposure to modern SOC technologies, enabling you to grow quickly in a supportive, technically driven environment.

This SOC places a strong emphasis on development, with clear progression pathways into Threat Intelligence, SOC Engineering, Professional Services, Senior SOC roles, and Incident Response.

Key Responsibilities

Detect & Investigate

  • Monitor and triage alerts across SIEM, EDR/XDR, email, and web security platforms.
  • Investigate suspicious activity and assess escalation requirements.
  • Follow SOC runbooks and structured investigation workflows.
  • Build clear timelines of activity and maintain accurate investigation notes.
  • Escalate complex cases to Senior and Lead Analysts with appropriate context.
  • Review vulnerability management outputs and provide basic prioritisation insight.

Hunt & Improve

  • Participate in directed threat hunting activities.
  • Suggest improvements to detections, dashboards, and SOC runbooks.
  • Support testing and validation of new detection logic and use cases.

Collaborate & Communicate

  • Provide clear written updates to customers and internal stakeholders.
  • Participate in structured shift handovers to ensure continuity within a 24/7 SOC.
  • Work closely with senior analysts to build technical depth and capability.

About You

You'll be a motivated, analytical individual with a strong interest in cyber security operations. You enjoy problem-solving, thrive in fast-paced environments, and work well as part of a collaborative team.

Required experience:

  • Minimum 1 year in a Security Operations Centre, or 3+ years in infrastructure or networking roles with demonstrable security exposure.
  • Experience triaging and investigating security alerts.
  • Understanding of attacker behaviours, TTPs, and common attack chains.
  • Ability to recognise indicators of compromise (processes, network activity, logons, file changes).
  • Hands-on experience with at least one SIEM, EDR, or XDR platform.
  • Familiarity with ticketing tools such as ServiceNow, JIRA, or Salesforce.
  • Experience reviewing Windows authentication/event logs and basic process trees.
  • Understanding of core network protocols (DNS, SMB, LDAP).
  • Operational knowledge of Windows, macOS, and Linux.
  • Awareness of MITRE ATT&CK and the ability to distinguish legitimate vs suspicious activity.

Desirable experience:

  • Exposure to Microsoft Sentinel, Google SecOps, or other SIEM platforms.
  • Experience with Defender, CrowdStrike, SentinelOne, or similar XDR tools.
  • Ability to query using KQL, XQL, S1QL, CQL, or similar languages.
  • Awareness of threat intelligence concepts.
  • Basic scripting or coding knowledge.

Working Pattern & Clearance

  • Shift pattern: 12-hour shifts (2 days, 2 nights, 4 off) within a 24/7 SOC.
  • Security clearance: Eligibility for SC clearance required (DV eligibility advantageous).
  • Location: Home-based with occasional office visits.

Why Apply?

You'll join a technically focused, people-first SOC that invests heavily in its analysts. You'll be encouraged to contribute ideas, improve processes, and shape how the SOC evolves, while benefiting from funded certifications, cyber ranges, and real-world investigation experience.

This is a strong opportunity to build deep operational security skills within a mature 24/7 SOC, supporting complex enterprise environments and progressing your long-term cyber security career.

Areti Group – Climate Positive Tech Recruitment

We're on a mission to put people and the planet before profit — helping to build a better, more sustainable tech future.

Job Details

Company
Areti Group | B Corp™
Location
Derby, Derbyshire, UK
Hybrid / Remote Options
Employment Type
Full-time
Posted