Senior SOC Analyst x 2

Senior SOC Analyst x 2 – GBP615 per day – Inside IR35 – Remote – contract until end of March 2026 – Candidates with active SC clearance or those with a recently lapsed clearance will be prioritised.

Our client, one of the UKs largest producers of zero carbon energy, is looking for 2 Senior SOC Analysts to join their Security Operations Centre.

This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high–profile environment.

The Role –

The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier 1 and Tier 2 analysts and managing the most complex security incidents. You will lead deep–dive investigations, improve detection and response processes, and play a key role in stakeholder engagement.

Key responsibilities include:

• Analysing advanced security incidents, determining root cause and attack paths.
• Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms.
• Producing clear, business–focused incident reports and updates for senior stakeholders.
• Advising on SOC tooling and ensuring effective integration of incident response requirements.
• Supporting security exercises, crisis response, and compliance alignment with industry frameworks.

Candidate Profile –

The successful candidate will bring:

• Significant experience in SOC operations and cyber incident response.
• Strong knowledge of adversary TTPs and frameworks such as MITRE ATT&CK.
• Hands–on skills in log analysis, anomaly detection, and incident remediation.
• Experience working in traditional IT and cloud (Azure and/or AWS) environments.
• Strong communication skills with the ability to translate technical threats into business terms.

Tools & Technologies –

You will work with a modern SOC technology stack, including:

• SIEM: Microsoft Sentinel
• EDR/XDR: Microsoft Defender for Endpoint
• Threat Intel: Recorded Future
• Network Analysis: Wireshark / tcpdump
• SOAR & Automation: Palo Alto Cortex XSOAR, ServiceNow SecOps
• Vulnerability Management: Tenable Nessus / Tenable.io
• Other nice to have tools: Shodan, Censys, BloodHound, Metasploit, Cobalt Strike, MITRE ATT&CK Navigator
• Cloud Security (advantageous): AWS GuardDuty, Security Hub, CloudTrail, Detective, Macie, Config, Inspector, VPC Flow Logs
  
  

Security clearance –

Due to the nature of this role, Security Check (SC) clearance is required. Candidates with active SC clearance or those with a recently lapsed clearance will be prioritised during the shortlisting process.