SOC Analyst

Job Title: SOC Analyst (x3 Roles)

Location: On-site, London moving to hybrid 3 days on-site after 2-week induction
Start Date: Immediate

Contract length: 31/03/26 further extensions expected

Clearance Required: BPSS (must be obtained prior to onboarding)

Day rate: £400 - £500

Our client is seeking three hands‑on SOC Analysts to join a security operations team in London. These roles are focused on real‑time monitoring, investigation, and incident response across a modern enterprise security environment. Collectively, the team must cover a broad set of security technologies, and candidates who bring strong, recent experience in at least two of the listed tools will be prioritised.

• Monitor, triage, and respond to security alerts across multiple platforms, including Microsoft and endpoint security tools.
• Conduct in‑depth investigations of security events, escalating and containing incidents as required.
• Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency.
• Collaborate with internal teams to support security operations, threat analysis, and incident recovery.
• Produce clear incident documentation, reports, and recommendations for continuous improvement.
• Contribute to maintaining and enhancing SOC processes, runbooks, and operational workflows.

Across the three hires, the team must collectively cover the following skill sets; individual candidates should possess strong expertise in at least two:

• Experience triaging and managing Microsoft security alerts from the Microsoft Security Center / Microsoft Defender portal
• Microsoft Defender for Endpoint (MDE): advanced or enterprise‑level operational expertise, including investigations, threat hunting, and response

• Hands‑on experience with configuration, policy management, agent deployment, and alert handling

• SOC operations experience including tuning, alert triage, threat investigation, and incident response

• Proven experience in a hands‑on SOC Analyst role within an enterprise environment
• Strong understanding of security operations, threat detection, and incident response workflows
• Excellent communication skills and the ability to work effectively within a collaborative SOC team

• Experience with incident documentation and reporting
• Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001)
• Ability to adapt quickly to new tools, threats, and operational priorities
• Any relevant certifications (e.g., Security+, CySA+, Microsoft SC-series, GIAC)