£600 per day | Inside IR35 | Hybrid | Reading, Berkshire
Summary: The SOC Analyst role involves providing operational support within a Security Operations Center, focusing on incident management and alert validation. The position requires hands-on engagement with escalated incidents and the development of queries for effective security event analysis. The role is hybrid, allowing for flexibility in work location while being classified as inside IR35.
Key Responsibilities:
- Provide hands-on 2nd line SOC operational support, including investigation and management of escalated incidents from the 1st line SOC
- Validate and assure quality and effectiveness of Sentinel alerts and detections
- Support onboarding of log sources and priority use cases into Microsoft Sentinel in line with CAF, T3, and ECS Keystone requirements
- Develop and utilise KQL queries to enable effective triage, investigation, and validation of security events
- Provide operational support and guidance to L1 SOC, improving consistency in alert handling and escalation
- Contribute to clearing operational backlog, including rule validation, clean-up activity, and onboarding delivery
- Perform basic tuning of analytic rules to improve signal quality and reduce alert noise (non-engineering activity)
Key Skills:
- Experience in SOC operations and incident management
- Proficiency in Microsoft Sentinel and KQL
- Strong analytical and problem-solving skills
- Ability to provide operational support and guidance
- Experience with alert validation and tuning
Salary (Rate): £600 daily
City: Reading
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
SOC Analyst - (Havant/Reading/Hybrid) - Inside IR35
Day Rate - up to £600
Duration - 6 months
Harvey Nash's client has a requirement for a SOC Analyst to support the team in the responsibilities listed above under Key Responsibilities.