Senior SOC Analyst (Level 3)

Level 3 SOC Analyst

Location: Crawley (Hybrid)

Salary: Up to £75,000 (DOE) + Bonus

Type: Permanent / Full-Time

The Opportunity

My client, a leading organisation operating within the Critical National Infrastructure (CNI) energy sector, is looking to appoint an experienced Senior/Level 3 SOC Analyst.

This is a senior escalation role within a dedicated Security Operations Centre, working at the forefront of protecting high-value national assets. The successful candidate will act as a technical authority for advanced incident response, threat hunting, and security engineering, with a strong focus on the Microsoft security stack.

Key Responsibilities

  • Serve as the primary escalation point for complex incidents and lead on incident response.
  • Conduct in-depth threat hunting, forensic investigations, and root cause analysis.
  • Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender.
  • Provide mentorship and guidance to junior SOC analysts, enhancing team capability.
  • Collaborate with IT and OT teams to address unique security requirements across CNI environments.
  • Drive improvements in SOC operations, automation, and incident response processes.
  • Monitor evolving threats and integrate threat intelligence into daily operations.
  • Ensure adherence to industry standards and compliance frameworks (NIS2, CAF, ISO 27001).

Skills & Experience Required

  • Extensive background in SOC operations, incident response, and threat hunting.
  • Expertise with the Microsoft security stack, including:
      • Microsoft Sentinel (SIEM/SOAR)
      • Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365
      • Microsoft Entra ID (Azure AD)
      • Microsoft Purview (compliance and data protection)
  • Strong knowledge of attacker tactics and techniques (MITRE ATT&CK).
  • Experience in digital forensics and malware analysis.
  • Understanding of CNI or energy/utility environments.
  • Proficiency in scripting/automation (KQL, PowerShell, Python).
  • Excellent communication and stakeholder engagement skills.

Desirable Certifications

  • Microsoft Certified: Cybersecurity Architect Expert / Security Operations Analyst Associate
  • GIAC (GCIA, GCIH, GCFA, GNFA)
  • CISSP / CISM (advantageous)
  • Experience of OT/ICS security in energy environments.

Why Join?

  • Opportunity to work on mission-critical systems protecting the UK’s energy infrastructure.
  • Competitive package and clear progression into technical leadership.
  • Backing for ongoing training and industry certifications.

Company: InfoSec People Ltd
Location: Crawley, West Sussex, UK
Hybrid / WFH Options
Posted