SOC Analyst

MTI

MTI provides award-winning, end-to-end technology solutions and services in cyber security and data centre for over 35 years. MTI has 250+ staff, with offices across the UK, France and Germany. MTI was acquired by Ricoh in 2020 as part of their transformation into a global digital services company. As part of the Ricoh family, MTI benefits from access to a much broader set of specialist IT services and significant technical resources available on a global scale.

More information can be found at mti.com

The Role

Job Title: SOC Analyst (L2)

Location: Hybrid Worker - Staines

Job Type: Full-Time

Reporting To: SOC Manager

Job Summary

As a Level 2 SOC Analyst, you will play a key role in the detection and response lifecycle within our Security Operations Centre. You will be responsible for triaging, investigating, and responding to cybersecurity incidents across customer environments using tools such as Microsoft Sentinel and Defender XDR. The role requires strong analytical skills, attention to detail, and the ability to execute response actions such as endpoint isolation, IOC blocking, malware scans, and user containment.

Note: Experience working in an MSSP/MSP setting supporting multiple clients is essential

Key Responsibilities

Threat Monitoring and Detection:

• Monitor security alerts and events from SIEM platforms, EDR solutions, and other security tools.
• Analyse logs, network traffic, and endpoint data to identify potential security incidents.
• Tune and optimize detection rules to reduce false positives and improve threat detection accuracy.

Threat Intelligence and Hunting:

• Leverage threat intelligence feeds and platforms to stay informed about emerging threats and attack techniques.
• Proactively hunt for threats and anomalies within client environments using advanced tools and techniques.
• Develop and share actionable threat intelligence with clients and internal teams.

SOAR and Automation:

• Create/update SOAR workflows for common incidents.
• Recommend automation improvements.

Platform Administration:

• Maintain and fine-tune Sentinel and Defender components.
• Ensure consistent log ingestion and rule coverage.

Required Skills and Qualifications

• Hands-on experience with Microsoft Sentinel, Defender for Endpoint, and other XDR platforms.
• Strong proficiency in KQL for threat hunting and detection tuning.
• Solid understanding of the MITRE ATT&CK framework and common threat actor behaviours.
• Preferred - Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Preferred - CompTIA Security+, CySA+

Required Experience

• Minimum of 2 years of experience in a SOC environment.
• Experience working in an MSSP/MSP setting supporting multiple clients.

Required Soft Skills

• Strong communicator and collaborator.
• Comfortable working in fast-paced, dynamic environments.
• Desire to learn and grow in the cybersecurity field.

As part of the Ricoh family, MTI benefits from access to a much broader set of specialist IT services and significant technical resources available on a global scale. As a key constituent in Ricoh’s IT services growth and investment strategy, the MTI group of companies are developing an expanded and enhanced portfolio of services aimed at gaining market share while helping their customers accelerate and de-risk their own transformation plans. MTI has capabilities and services that support a wide range of technologies and customer objectives. MTI is one of the most technically accredited solutions providers across with highly experienced consultants and project managers to ensure excellent project outcomes as well as offering a set of well-resourced and scalable managed services. By employing proven methodologies, best practices and adopting a consultative approach, underpinned with operational excellence gained through thousands of client engagements. MTI helps its customers solve business challenges, by providing secure, compliant management of their applications, data, infrastructure, and systems environments.