£500 Per day
Outside
Hybrid
London Area, United Kingdom
Summary: The L3 SOC Analyst role involves joining a leading Financial Services organization as part of their Cyber Security team on a 6-month contract. The position requires acting as a technical escalation point for complex security incidents while enhancing detection engineering and threat monitoring capabilities. The role is hybrid and offers a competitive daily rate. Candidates should have extensive experience in Security Operations and a strong understanding of various security technologies.
Key Responsibilities:
- Act as the senior technical escalation point for L1 and L2 SOC Analysts, leading the investigation and response to complex cyber security incidents.
- Monitor, triage and investigate security alerts across a wide range of enterprise security technologies.
- Coordinate incident response activities with internal stakeholders, third-party MSSPs and business teams.
- Develop and enhance incident response procedures, SOC playbooks and operational runbooks.
- Build and improve detection capabilities through SIEM use case development, detection engineering and alert tuning.
- Manage SIEM health, log ingestion, log source onboarding and detection content across an expanding technology estate.
- Conduct in-depth investigations including log analysis, endpoint analysis, email investigations and network traffic analysis to determine root cause and business impact.
- Develop and enhance threat intelligence capabilities by staying current with emerging threats, vulnerabilities and attacker techniques.
- Provide operational oversight and governance of the SOC and Managed Security Service Provider (MSSP).
- Mentor and support junior SOC Analysts, helping to develop technical capability across the team.
- Lead the development of an in-house Digital Forensics capability, including tooling, processes and investigation methodologies.
- Produce high-quality incident documentation, reporting, recommendations and lessons learned for technical and non-technical stakeholders.
- Support wider cyber security initiatives and technical projects as required.
Key Skills:
- Minimum 8 years' experience within a Security Operations Centre (SOC), Cyber Security Engineering or Security Operations Engineering environment.
- Proven experience operating at L3 SOC Analyst or Senior SOC Analyst level.
- Strong experience with SIEM technologies, detection engineering and incident response.
- Experience onboarding log sources, creating detection content, log parsing and SIEM optimisation is highly desirable.
- Previous experience working within a Managed Security Service Provider (MSSP) environment would be advantageous.
- Strong understanding of enterprise security technologies including: SIEM platforms, EDR/XDR solutions, Intrusion Detection Systems (IDS), Malware analysis, Log analysis.
- Excellent knowledge of Microsoft technologies including: Microsoft Azure, Microsoft 365, Windows Server, Linux.
- Experience identifying indicators of compromise across cloud and on-premise environments.
- Strong understanding of attack methodologies, including: MITRE ATT&CK Framework, Cyber Kill Chain, Phishing, Malware, Threat actor tactics, techniques and procedures (TTPs).
- Experience implementing SIEM detection use cases using scripting or automation technologies would be highly beneficial.
- Excellent analytical, investigative and communication skills, with the ability to communicate complex security issues to both technical and non-technical audiences.
- A proactive mindset with a genuine passion for cyber security and continuous improvement.
- Previous experience working within Financial Services; Insurance sector experience is highly desirable.
- Strong stakeholder management and communication skills.
- Ability to work independently within a fast-paced SOC environment.
Salary (Rate): £500 daily
City: London
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: Senior
Industry: IT
L3 SOC Analyst | £500 per day | Outside IR35 | Hybrid - London | 6 Month Contract
I'm currently working with a leading Financial Services organisation who are looking to appoint an experienced L3 SOC Analyst to join their Cyber Security team on an initial 6-month contract, paying £500 per day Outside IR35. This is an excellent opportunity to join a mature Security Operations function where you'll act as the technical escalation point for complex security incidents while driving improvements across detection engineering and threat monitoring capabilities. The role is offered on a hybrid basis.
What You'll Be Doing
- Act as the senior technical escalation point for L1 and L2 SOC Analysts, leading the investigation and response to complex cyber security incidents.
- Monitor, triage and investigate security alerts across a wide range of enterprise security technologies.
- Coordinate incident response activities with internal stakeholders, third-party MSSPs and business teams.
- Develop and enhance incident response procedures, SOC playbooks and operational runbooks.
- Build and improve detection capabilities through SIEM use case development, detection engineering and alert tuning.
- Manage SIEM health, log ingestion, log source onboarding and detection content across an expanding technology estate.
- Conduct in-depth investigations including log analysis, endpoint analysis, email investigations and network traffic analysis to determine root cause and business impact.
- Develop and enhance threat intelligence capabilities by staying current with emerging threats, vulnerabilities and attacker techniques.
- Provide operational oversight and governance of the SOC and Managed Security Service Provider (MSSP).
- Mentor and support junior SOC Analysts, helping to develop technical capability across the team.
- Lead the development of an in-house Digital Forensics capability, including tooling, processes and investigation methodologies.
- Produce high-quality incident documentation, reporting, recommendations and lessons learned for technical and non-technical stakeholders.
- Support wider cyber security initiatives and technical projects as required.
What We're Looking For
- Minimum 8 years' experience within a Security Operations Centre (SOC), Cyber Security Engineering or Security Operations Engineering environment.
- Proven experience operating at L3 SOC Analyst or Senior SOC Analyst level.
- Strong experience with SIEM technologies, detection engineering and incident response.
- Experience onboarding log sources, creating detection content, log parsing and SIEM optimisation is highly desirable.
- Previous experience working within a Managed Security Service Provider (MSSP) environment would be advantageous.
- Strong understanding of enterprise security technologies including: SIEM platforms EDR/XDR solutions Intrusion Detection Systems (IDS) Malware analysis Log analysis.
- Excellent knowledge of Microsoft technologies including: Microsoft Azure Microsoft 365 Windows Server Linux.
- Experience identifying indicators of compromise across cloud and on-premise environments.
- Strong understanding of attack methodologies, including: MITRE ATT&CK Framework Cyber Kill Chain Phishing Malware Threat actor tactics, techniques and procedures (TTPs).
- Experience implementing SIEM detection use cases using scripting or automation technologies would be highly beneficial.
- Excellent analytical, investigative and communication skills, with the ability to communicate complex security issues to both technical and non-technical audiences.
- A proactive mindset with a genuine passion for cyber security and continuous improvement.
Essential Experience
- Previous experience working within Financial Services.
- Insurance sector experience is highly desirable.
- Strong stakeholder management and communication skills.
- Ability to work independently within a fast-paced SOC environment.