Security Operations Analyst / Incident Response Analyst

London (we're close to Liverpool St. station)

3 days per week onsite at our London office

On-call rota (Allowance Provided)

NETbuilder is a leading provider of innovative technology solutions, helping clients achieve operational excellence through expertise in observability and cybersecurity. We foster a collaborative environment where security professionals can grow, make an impact, and work with modern tooling.

We’re recruiting for an experienced SecOps Analyst to support a prestigious multinational client. In this role, you’ll champion a proactive, security-first culture within the SOC. You’ll ensure security events and incidents are automated, actioned, and resolved, while contributing to continuous improvement across our security processes.

Key Responsibilities

  • Monitor alerts from security tools, analytics platforms, automation systems, ticketing systems, and user reports.
  • Triage alerts, validate incidents, gather context, and escalate according to severity.
  • Investigate threats using network and host-based tools across Windows, macOS, Linux, and Unix environments.
  • Manage the full incident lifecycle: detection, investigation, response, and remediation.
  • Maintain and standardise SOC processes, policies, and runbooks.
  • Research emerging threat vectors, commodity malware, and APT tactics.
  • Provide feedback on detection rules and fine-tune tooling to minimise false positives.

About You

  • Must have hands-on experience with CrowdStrike Falcon (endpoint protection + identity analytics/user behaviour insights).
  • Familiar with SIEM/automation platforms and service desk integrations.
  • Strong grounding in network infrastructure, cloud technologies, and Active Directory.
  • Proficient in scripting (Python or PowerShell) for automation and analysis.
  • Process-driven, able to follow and adapt SOPs under pressure.
  • Strong communicator, able to break down technical findings for diverse audiences.
  • Detail-oriented, curious, and creative when tackling unexpected challenges.

Your Experience

  • A minimum of 3 years as a SOC or SecOps Analyst, with practical incident handling and threat detection experience.
  • Proven ability to optimise detection tools, reduce noise, and drive SOC improvements.
  • Comfortable with shift work and participating in on-call rotas when required.

How to Apply

Please submit your CV, highlighting your technical knowledge of CrowdStrike Falcon and next-generation SOC systems.

Company
NETbuilder
Location
London, UK
Posted