Job Search and Career Advice Platform


Security Operations Analyst

Yagshree Consultancy Ltd

City Of London

Hybrid

GBP 36,000 - 49,000

Full time


Job summary

A technology consulting firm in the City of London seeks a Security Operations Analyst to monitor and respond to threats using modern SIEM/EDR tools. The role involves improving security controls and incident response. Ideal candidates have 2-5 years of SOC experience and strong technical skills. The position offers a competitive salary and strong career progression.

Benefits

20 days annual leave
Employer pension contribution
Budget for certifications

Qualifications

  • Experience in a SOC/IR role (typically 2–5 years) with demonstrable incident handling.
  • Working knowledge of SIEM, EDR, email security, network security, and cloud security.
  • Ability to query and analyse data with KQL/Splunk SPL/SQL; basic scripting for automation.

Responsibilities

  • Monitor and triage security alerts across SIEM.
  • Investigate incidents end-to-end, maintaining clear records.
  • Execute playbooks/runbooks and contribute to SOAR automation.

Skills

Incident handling
SIEM knowledge
EDR application
Data analysis
Communication skills

Education

2-5 years experience in SOC/IR role

Tools

Microsoft Sentinel
Splunk
PowerShell
Python

Job description
Security Operations Analyst

As a Security Operations Analyst, you'll monitor, triage, and respond to threats across our global estate, using modern SIEM/EDR and automation to keep [Company/clients] safe. Hybrid working, strong learning culture, and clear progression.

The role

You'll be part of our Security Operations Centre, detecting and responding to cyber threats, improving our controls, and guiding the business through security incidents. This role suits someone hands-on with SOC tooling, calm under pressure, and eager to automate the boring stuff.

What you’ll do
  • Monitor and triage security alerts across SIEM (e.g., Microsoft Sentinel/Splunk), EDR (e.g., Defender for Endpoint/CrowdStrike), email security, and cloud platforms.
  • Investigate incidents end-to-end: scoping, containment, eradication, and recovery; maintain clear incident records and timelines.
  • Execute and improve playbooks/runbooks; contribute to SOAR automation for repetitive tasks.
  • Perform threat hunting using hypotheses mapped to MITRE ATT&CK; enrich findings with threat intelligence (internal and external).
  • Lead/assist on phishing investigations, malware analysis at triage level, and suspicious user activity reviews.
  • Collaborate with IT/Cloud/Network teams on log onboarding, tuning, and control gaps; reduce false positives.
  • Track and meet SLAs/KPIs (MTTD/MTTR); deliver concise, executive-ready post-incident reports and lessons learned.
  • Support vulnerability management by contextualising exposures and recommending remediation priorities.
  • Participate in shift handovers and, if applicable, an out-of-hours/on-call rota.
  • Contribute to security awareness and purple-team exercises/attack simulations.

What you'll bring
  • Experience in a SOC/IR role (typically 2–5 years for this level) with demonstrable incident handling.
  • Working knowledge of: SIEM, EDR, email security, network security (IDS/IPS, firewalls), and cloud security (Azure/AWS).
  • Ability to query and analyse data (KQL/Splunk SPL/SQL); basic scripting (PowerShell or Python) for enrichment and automation.
  • Familiarity with frameworks and standards: MITRE ATT&CK, NIST CSF, ISO/IEC 27001, and Cyber Essentials/Plus.
  • Strong written and verbal communication; comfortable translating technical risk for non-technical audiences.
  • A proactive mindset: curiosity, ownership, and continuous improvement.

Nice to have
  • Certifications such as Security+, CySA+, SC-200, AZ-500, GCIH/GCIA/GCTI, SSCP, GCED, or equivalent.
  • Experience with SOAR tooling, sandboxing, DFIR basics, or purple-team methodology.
  • Exposure to identity security (Entra ID, Okta), SaaS security, or container/Kubernetes security.
  • Experience in regulated environments (financial services, public sector) and/or UK SC/BPSS clearance eligibility.

What we offer
  • Leave: 20 days' annual leave.
  • Pension & protection: Employer pension contribution, life assurance, and income protection.
  • Learning & growth: Budget for certifications, paid exam days, access to labs and training platforms; clear progression to Senior Analyst/Incident Responder/Threat Hunter.

Job Details

Experience: Required

Employment: Full‑time

Schedule: Monday to Friday, 9am to 5pm

Salary: £36,000 – £49,000 yearly

About Yagshree Consultancy Ltd

Yagshree Consultancy LTD. offers a comprehensive range of IT consulting and software development services, tailored to meet the unique needs of our clients. Some of our key service areas include IT Consulting, Software Development, App Deve
