SOC Analyst

Posted 1 day ago by Harvey Nash Plc

£600 Per day
Inside
Hybrid
Reading, Berkshire

Summary: The SOC Analyst role involves providing operational support within a Security Operations Center, focusing on incident management and alert validation. The position requires hands-on engagement with escalated incidents and the development of queries for effective security event analysis. The role is hybrid, allowing for flexibility in work location while being classified as inside IR35.

Key Responsibilities:

  • Provide hands-on 2nd line SOC operational support, including investigation and management of escalated incidents from the 1st line SOC
  • Validate and assure quality and effectiveness of Sentinel alerts and detections
  • Support onboarding of log sources and priority use cases into Microsoft Sentinel in line with CAF, T3, and ECS Keystone requirements
  • Develop and utilise KQL queries to enable effective triage, investigation, and validation of security events
  • Provide operational support and guidance to L1 SOC, improving consistency in alert handling and escalation
  • Contribute to clearing operational backlog, including rule validation, clean-up activity, and onboarding delivery
  • Perform basic tuning of analytic rules to improve signal quality and reduce alert noise (non-engineering activity)

Key Skills:

  • Experience in SOC operations and incident management
  • Proficiency in Microsoft Sentinel and KQL
  • Strong analytical and problem-solving skills
  • Ability to provide operational support and guidance
  • Experience with alert validation and tuning

Salary (Rate): £600 daily

City: Reading

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

SOC Analyst - (Havant/Reading/Hybrid) - Inside IR35

Day Rate - up to £600

Duration - 6 months

Harvey Nash's client has a requirement for a SOC Analyst; you will support the team in the following:

  • Provide hands-on 2nd line SOC operational support, including investigation and management of escalated incidents from the 1st line SOC
  • Validate and assure quality and effectiveness of Sentinel alerts and detections
  • Support onboarding of log sources and priority use cases into Microsoft Sentinel in line with CAF, T3, and ECS Keystone requirements
  • Develop and utilise KQL queries to enable effective triage, investigation, and validation of security events
  • Provide operational support and guidance to L1 SOC, improving consistency in alert handling and escalation
  • Contribute to clearing operational backlog, including rule validation, clean-up activity, and onboarding delivery
  • Perform basic tuning of analytic rules to improve signal quality and reduce alert noise (non-engineering activity)