Security Operations Center Analyst

If you need support in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100 with the subject line: “Application Support Request”.

Role: SOC L3 Security Analyst (Microsoft Sentinel & Defender Specialist)

Job Type: Permanent

Location: Manchester, UK, Hybrid

Number of hours: 40 hours per week – full time

Are you looking to take on a role in Security Analysis?

We have an exciting opportunity for you as an SOC L3 Security Analyst

Careers at TCS: It means more

TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands in the UK and worldwide. For you, it means more to make an impact that matters, through challenging projects which demand ambitious innovation and thought leadership.

• Build strong relationships with a diverse range of stakeholders.
• Gain access to endless learning opportunities.
• Work closely with the range of teams within the business to bring products to life.

The Role

As an SOC L3 Security Analyst, you will take a lead role in advanced threat detection, incident response, detection engineering, and security monitoring, while also optimizing license consumption and SIEM integration efforts.

Key responsibilities:

• Investigate and analyze complex security incidents escalated from L1/L2 SOC analysts.
• Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response.
• Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats.
• Perform proactive threat hunting using KQL within Microsoft Sentinel.
• Develop and fine-tune custom analytics rules, workbooks, and hunting queries.
• Apply the MITRE ATT&CK framework to build coverage and improve threat visibility.
• Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing.
• Build and manage data connectors, custom log parsers, and normalization schemas.
• Collaborate with cloud and infrastructure teams to onboard telemetry from endpoints, identity systems, and SaaS platforms.
• Monitor Microsoft Sentinel and Defender license consumption on an ongoing basis.
• Analyze and average daily ingestion volumes, ensuring alignment with the procured license limits.
• Recommend optimization strategies to control costs without compromising visibility or detection capabilities.
• Design and implement automated response workflows using Sentinel playbooks (Logic Apps).
• Enhance response efficiency by developing SOAR integrations across security tooling.
• Produce comprehensive incident reports and root cause analyses.
• Maintain technical documentation for use cases, configurations, response procedures, and data source onboarding.
• Generate regular dashboards and reports for SOC leadership and compliance stakeholders.

Your Profile

Essential skills/knowledge/experience:

• Hands-on experience in cybersecurity operations.
• Solid experience with Microsoft Sentinel and Microsoft Defender suite.
• Strong skills in KQL (Kusto Query Language), Security architecture & data integration and Azure & Microsoft 365 security services.
• Experience in onboarding and managing log sources in a SIEM.
• Understanding of log ingestion cost management and licensing considerations in Sentinel.
• Familiarity with cloud-native security tools and threat intelligence integration.

Desirable skills/knowledge/experience:

• Scripting experience (e.g., PowerShell, Python).
• SC-200: Microsoft Security Operations Analyst , AZ-500: Microsoft Azure Security Technologies and GCIA, GCIH, or equivalent certifications.

Rewards & Benefits

TCS is consistently voted a Top Employer in the UK and globally. Our competitive salary packages feature pension, health care, life assurance, laptop, phone, access to extensive training resources and discounts within the larger Tata network.

We offer health & wellness initiatives and sports events; we are the proud sponsor of the London Marathon.

Diversity, Inclusion and Wellbeing

Tata Consultancy Services UK&I is committed to meeting the accessibility needs of all individuals in accordance with the UK Equality Act 2010 and the UK Human Rights Act 1998.

We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role.

As a Disability Confident Employer, we offer an interview to applicants with disabilities or long-term conditions who meet the minimum criteria for the role. Please email us at UKI.recruitment@tcs.com if you would like to opt in.

If you are an applicant who needs any adjustments to the application process or interview, please contact us at UKI.recruitment@tcs.com with the subject line: “Adjustment Request” or call TCS London Office 02031552100 / +44 204 520 2575 to request an adjustment. We welcome requests prior to you completing the application and at any stage of the recruitment process.

Beware of Fraudulent offers

This is to notify you that TCS does not ask for any sort of payment or security deposit from candidates at any stage of the recruitment process. The firm never sends out job offers from free internet email services like Gmail, Yahoo Mail, and so on. TCS has not authorised any third-party company to collect money on their behalf. As a vigilant job seeker, beware of fraudulent recruitment activity and protect your interests! You can write to UKI.recruitment@tcs.com to report any fraudulent activity.

Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion.

Join us and do more of what matters. Apply online now.