SOC Analyst

SOC Analyst

Posted 1 day ago by JAM Recruitment Ltd

Apply
£75 Per hour
Inside
Onsite
Hereford, Herefordshire
Apply
Authentications Cyber Incident Response Firewall Information Technology Operations Management Management Systems Market Trend Microsoft 365 MITRE ATT&CK Framework Outsourcing Phishing Privilege Escalation Security Information And Event Management (SIEM) Splunk Verification And Validation

Summary: The SOC Analyst role involves serving as the first internal responder to alerts generated by an outsourced SOC provider, focusing on initial triage and low-level investigations. The analyst will interact with end users and asset owners, escalating verified incidents for advanced analysis and response. This position is critical in linking the internal security team with the external SOC to ensure timely validation and documentation of potential threats. The role requires a proactive approach to maintaining awareness of current cyber threats and industry trends.

Key Responsibilities:

  • Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact.
  • Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts).
  • User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g. asset isolation, password reset).
  • Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation.
  • Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements.
  • Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness.
  • Playbook Execution: Follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies.
  • Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisation's threat landscape.

Key Skills:

  • 2-4 years of experience in a SOC, IT Operations, or security support role.
  • Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation.
  • Working knowledge of network fundamentals, Windows/Linux system logs and authentication systems.
  • Working knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, QRadar).
  • Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001) is desirable.
  • CompTIA Security+, CySA+ or other entry level certification is desirable.

Salary (Rate): £75.48/hour

City: Hereford

Country: United Kingdom

Working Arrangements: on-site

IR35 Status: inside IR35

Seniority Level: Mid-Level

Industry: IT

Detailed Description From Employer:

SOC Analyst

£75.48 p/hr (Inside IR35)

Onsite Hereford

12 months

Level 1 SOC Cyber Analyst to join the TMCT security team to serve as the first internal responder to alerts generated by our outsourced SOC provider. In this role the individual will perform initial triage, conduct low level investigations, interact directly with end users and asset owners, and escalate verified incidents for advanced analysis and response. The level 1 SOC analyst will act as a key link between our internal security team and the external SOC, ensuring that potential threats are quickly validated, documented, and routed through appropriate channels for resolution.

Duties:

  • Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact.
  • Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts).
  • User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g.asset isolation, password reset).
  • Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation.
  • Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements.
  • Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness.
  • Playbook Execution: follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies.
  • Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape.

Essential:

  • 2-4 years of experience in a SOC, IT Operations, or security support role.
  • Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation.
  • Working knowledge of network fundamentals, windows/Linux system logs and authentication systems.
  • Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar).

Desirable:

  • Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001).

Qualifications:

Desirable:

  • CompTIA Security+, CySA+ or other entry level certification.
Apply
Similar Jobs
Loading data...