£600 per day | Inside IR35 | Hybrid | Reading, Berkshire, UK
Summary: The SOC Analyst role involves providing hands-on 2nd line operational support within a Security Operations Center (SOC), focusing on incident management and alert validation. The position requires collaboration with the first line SOC and the onboarding of log sources into Microsoft Sentinel. The role is contract-based for a duration of six months and requires SC clearance. The analyst will also contribute to operational improvements and backlog clearance.
Key Responsibilities:
- Provide hands-on 2nd line SOC operational support, including investigation and management of escalated incidents from the 1st line SOC
- Validate and assure quality and effectiveness of Sentinel alerts and detections
- Support onboarding of log sources and priority use cases into Microsoft Sentinel in line with CAF, T3, and ECS Keystone requirements
- Develop and utilise KQL queries to enable effective triage, investigation, and validation of security events
- Provide operational support and guidance to L1 SOC, improving consistency in alert handling and escalation
- Contribute to clearing operational backlog, including rule validation, clean-up activity, and onboarding delivery
- Perform basic tuning of analytic rules to improve signal quality and reduce alert noise (non-engineering activity)
Key Skills:
- Experience in 2nd line SOC operations
- SC clearance
- Proficiency in Microsoft Sentinel
- Knowledge of KQL (Kusto Query Language)
- Ability to manage and investigate security incidents
- Strong analytical and problem-solving skills
- Experience in alert validation and tuning
Salary (Rate): £600.00 per day
City: Reading
Country: UK
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: Mid-Level
Industry: IT
Detailed Description From Employer:
Job Title: SOC Analyst
Duration - 6 months
Location - Havant or Reading (2-3 days a week onsite)
Description:
(2nd Line - Contractor, SC Cleared)
- Provide hands-on 2nd line SOC operational support, including investigation and management of escalated incidents from the 1st line SOC
- Validate and assure quality and effectiveness of Sentinel alerts and detections
- Support onboarding of log sources and priority use cases into Microsoft Sentinel in line with CAF, T3, and ECS Keystone requirements
- Develop and utilise KQL queries to enable effective triage, investigation, and validation of security events
- Provide operational support and guidance to L1 SOC, improving consistency in alert handling and escalation
- Contribute to clearing operational backlog, including rule validation, clean-up activity, and onboarding delivery
- Perform basic tuning of analytic rules to improve signal quality and reduce alert noise (non-engineering activity)
Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.