SOC Analyst

SOC Analyst - SC Cleared - 12 Month Contract - Hereford

About Your Role:

As the SOC Analyst your role will include;

Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact.
Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, Firewall logs and SIEM alerts).
User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (eg asset isolation, password reset).
Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation.
Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements.
Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness.
Playbook Execution: follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies.
Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape.

About You:

As an experienced SOC Analyst, your skills and experience may include;

Previous experience in a SOC, IT Operations, or security support role.
Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation.
Working knowledge of network fundamentals, windows/Linux system logs and authentication systems.
Working knowledge of SIEM platforms (eg Microsoft sentinel, Splunk, Elastic, QRadar).
Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001).