SOC Analyst

Focus Group is scaling our Security Operations Centre, and we need a SOC Analyst Level 2 who can investigate complex threats, mentor junior analysts, and help shape how we protect our growing customer base.

This isn't just another alert-closing role. You'll be the technical escalation point for our SOC team, performing deep‑drive investigations across our security stack, tuning detection logic, and directly influencing how we scale our operations. If you want to develop advanced threat hunting skills and progress toward senior analyst or detection engineering roles, this is it.

You'll investigate escalated alerts across RocketCyber, SaaS Alerts, and Bitdefender EDR—digging into phishing-to-compromise scenarios, suspicious inbox rules, MFA attacks, and cloud identity threats. You'll correlate context across platforms, perform root cause analysis, and coordinate response actions with engineering teams and customers.

Beyond the technical work, you'll mentor Level 1 analysts, contribute to training materials, assist with alert tuning, identify detection gaps, and recommend playbook improvements. You're bridging operational delivery and service improvement—making the SOC better while building your own skillset.

• 2+ years in a SOC, MSSP, or cyber operations environment with hands‑on alert investigation experience
• Practical experience with security platforms like RocketCyber, SaaS Alerts, or Bitdefender EDR
• Solid understanding of Microsoft 365 threats—token hijacking, MFA fatigue, login anomalies
• Familiarity with MITRE ATT&CK framework and incident response principles
• Strong analytical skills with the ability to correlate context across multiple platforms and perform root cause analysis
• Clear communication skills for documenting investigations and explaining technical details to non‑technical stakeholders
• A mentoring mindset—you genuinely enjoy helping junior analysts develop their skills

• Certifications like Microsoft SC‑200, CompTIA Security+, GCIH, or BTL1
• Experience with alert tuning or detection rule configuration
• Familiarity with scripting, APIs, or automation for investigation workflows
• Threat intelligence or email security platform experience

We're a 1,300‑person Microsoft technology partner and managed service provider backed by HG Capital. We're ambitious about growth, and our SOC is central to that strategy. You'll get structured progression pathways toward Senior SOC Analyst, Threat Intelligence, Detection Engineering, or SOC leadership roles—with the investment and support to actually get there.

Hybrid working from our Manchester or Shoreham office. Salary £35‑38k depending on experience, plus benefits package.