Security Operations Center Analyst

Areti Group | B Corp™

United Kingdom

Hybrid

GBP 46,000 - 55,000

Full time

14 days ago

Job summary

A cyber services provider in the UK is seeking an experienced L2 SOC Analyst to join their Security Operations Centre. The role involves monitoring, detecting, and responding to threats, and offers opportunities for professional development, including training and certifications. Ideal candidates will have 2+ years in a SOC environment and hands-on experience with SIEM and EDR tools. This position allows for remote work with travel to Reading once a month.

Benefits

Training & Certifications
Professional development opportunities
Access to cyber ranges

Qualifications

  • 2+ years as a SOC Analyst or security professional.
  • Hands-on SIEM experience required.
  • Strong analytical and communication skills.

Responsibilities

  • Tune security monitoring tools and SIEM rulesets.
  • Monitor alerts across various platforms.
  • Conduct threat hunting and vulnerability analysis.

Skills

Security monitoring tools optimization
Incident response
Threat hunting
Analytical reporting
Technical curiosity

Tools

SIEM platforms
EDR/XDR tools
Ticketing systems

Job description

Remote (Travel to Reading once per month)

Salary: Up to £55,000 per annum + Training & Certifications

Areti are delighted to be supporting a rapidly growing cyber services provider in their search for an L2 SOC Analyst to join their expanding UK Security Operations Centre.

This organisation partners with a wide range of enterprise customers across Europe, helping them monitor, detect, and respond to threats through cutting‑edge tooling, advanced analytics, and proactive cyber defence. As part of their continued investment in UK security operations, they are looking for an experienced analyst with strong technical foundations and a hunger to grow their capability in detection, investigation, and automation.

The Role

As an L2 SOC Analyst, you’ll be at the forefront of defending enterprise environments, analysing alerts, investigating incidents, and improving detection capabilities across diverse customer estates. Working closely with senior analysts and incident responders, you’ll play a key role in maintaining an effective, high‑performing SOC, while continuously developing your skills through structured training and real‑world exposure.

You’ll be encouraged to contribute ideas, challenge processes, and help refine the team’s approach to detection and response, making a visible impact on how cyber threats are managed and contained.

This position sits within a 24/7 security operations model, working as part of a collaborative team that provides round‑the‑clock monitoring and response for critical customer environments.

Key Responsibilities
Build & Enhance
  • Tune and optimise security monitoring tools and SIEM rulesets aligned to MITRE ATT&CK.
  • Maintain and improve internal SOC processes and playbooks.
  • Assist in testing and validating new detection logic and use cases.
  • Monitor and triage alerts across a range of SIEM, EDR, and XDR platforms.
  • Perform in-depth investigations and elevate critical incidents as needed.
  • Conduct threat hunting and vulnerability analysis activities.
  • Prepare reports and updates on customer security posture.

Improve & Evolve
  • Participate in continuous improvement projects focused on tooling, process efficiency, and SOC coverage.
  • Collaborate with senior analysts to develop new automation and response workflows.
  • Stay current with emerging threats, attacker techniques, and evolving technologies.

About You

You’ll be an experienced SOC Analyst (ideally with 2+ years in a 24/7 environment) or an infrastructure/security professional ready to take the next step into advanced operational security. You combine strong technical curiosity with analytical discipline and thrive in fast‑paced, high‑impact environments.

Ideal Experience
  • Proven experience in a SOC environment or a strong infrastructure/networking background with security exposure.
  • Hands‑on experience with SIEM platforms – e.g. Microsoft Sentinel, Google Chronicle, or similar.
  • Working knowledge of EDR/XDR tools such as CrowdStrike, SentinelOne, Palo Alto Cortex, or Microsoft Defender.
  • Understanding of incident response frameworks (MITRE ATT&CK preferred).
  • Experience with vulnerability management platforms such as Rapid7 or Tenable.
  • Exposure to Cyber Threat Intelligence and its application within SOC workflows.
  • Experience with ticketing systems (ServiceNow, JIRA, Salesforce) and ITIL‑aligned processes.
  • Strong communicator with solid written and analytical reporting skills.

Why Apply?

You’ll join a technically advanced team that values collaboration, curiosity, and continuous learning. The company invests heavily in professional development, offering access to vendor certifications, cyber ranges, and hands‑on training across the latest tools and techniques.

This is an exciting opportunity to sharpen your investigative and technical skills, work with diverse customers, and contribute to one of the UK’s most capable security operations teams.

We’re on a mission to put people and the planet before profit — helping to build a better, more sustainable tech future.
