SOC Analyst (2nd Line)

Posted 1 day ago by Whitebridge Group

£600 Per day
Inside
Hybrid
Reading or Havant - Hybrid

Summary: Whitebridge is seeking a 2nd Line SOC Analyst with current SC Clearance to provide operational support for a utilities client. The role involves managing escalated incidents, validating alerts, and supporting log source onboarding into Microsoft Sentinel. The position requires effective triage and investigation of security events while contributing to operational improvements. The successful candidate should be available to start ASAP and will work in a hybrid arrangement.

Key Responsibilities:

  • Provide hands-on 2nd line SOC operational support, including investigation and management of escalated incidents from the 1st line SOC
  • Validate and assure quality and effectiveness of Sentinel alerts and detections
  • Support onboarding of log sources and priority use cases into Microsoft Sentinel in line with CAF, T3, and ECS Keystone requirements
  • Develop and utilise KQL queries to enable effective triage, investigation, and validation of security events
  • Provide operational support and guidance to L1 SOC, improving consistency in alert handling and escalation
  • Contribute to clearing operational backlog, including rule validation, clean-up activity, and onboarding delivery
  • Perform basic tuning of analytic rules to improve signal quality and reduce alert noise (non-engineering activity)

Key Skills:

  • Current SC Clearance
  • Experience in 2nd line SOC operations
  • Proficiency in Microsoft Sentinel and KQL queries
  • Strong analytical and problem-solving skills
  • Ability to provide operational support and guidance
  • Experience in incident management and alert validation
  • Familiarity with log source onboarding and security event investigation

Salary (Rate): £600 per day

City: Reading or Havant

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: Mid-Level

Industry: IT

Detailed Description From Employer:

Whitebridge is looking for a 2nd Line SOC Analyst with current SC Clearance to join our utilities client.

The successful applicant should be able to commit to starting ASAP. The role will be hybrid between home and office visits and will be umbrella-based working. Direct applicants only please.