SOC Analyst (Senior)

Our client, the UK's trusted Ministry of Defence partner, is seeking an experienced SOC Threat Detection Analyst to join the cyber security operations centre (SOC) within Information Management (IM). The successful candidate will support Senior SOC analysts in addressing the challenges of countering cyber threats, driving a proactive ethos in a dynamic environment, and providing robust threat detection and analysis within the 24x7 SOC.

Key Responsibilities:

To support the SOC Manager in assisting Information Management UK in meeting the challenges and demands of countering cyber threats, the role involves supporting the operational functions of the UK SOC. This includes working with other UK SOC members, the UK InfoSec Team, and the IM Domains (Customer Support and Infrastructure / Information Systems).

Responsibilities cover analysis, monitoring, reporting, alerting, and investigation activities using a variety of security platforms, including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture, Anti–Malicious Code, and Threat Detection technologies across the UK Network Perimeter.

The SOC Analyst reports to the SOC Manager and conducts a range of analyses, assisting the incident response team with investigations that need to be escalated to an embedded staff member.

The SOC Analyst key responsibilities are:

• Effective Tier 1 to 2 alert triage of security events
• Monitoring of Cyber Security tools
• Monitoring the SOC email notification mailboxes
• Assists with the maintenance of MBDA Security technologies
• Assisting the SOC Solutions Lead with project activity
• Conduct proactive threat hunting in collaboration with the CTI function
• Conduct HR and InfoSec related investigations
• Ensure the timely triage and remediation of any incident or request tickets raised to the SOC
• Participate in the activity of adding/removing URLs from the AcceptList and BlockList
• Attend routine security meetings

What do you need?:

• Extensive background in Cyber Security with expertise in Network Security, Infrastructure, Operating Systems, and Applications.
• Proficient in IT Security best practices.
• Strong understanding of the OSI Reference Model and network communication protocols (DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S).
• Experienced with Security Information Event Monitoring Tools and Network Packet Capture tools.
• Hands–on experience with IDS/IPS technologies and threat hunting.
• Strong analytical skills and mindset.
• Knowledgeable in Defensive Cyber–attack methodologies and frameworks.
• Understanding of Malware capabilities, attack vectors, propagation, and impact.
• Excellent communication skills for liaising with business and suppliers.

Desirable Skills & Experience (Senior Level)

• Proven experience conducting root cause analysis and leading Tier 2 incident investigations to resolution.
• Demonstrated ability to develop and maintain incident response playbooks, standard operating procedures (SOPs), and runbooks to support operational readiness.
• Strong working knowledge of detection engineering, including tuning detection logic and reducing false positives to enhance alert fidelity.
• Proficiency in SIEM rule tuning and the creation of custom detection use cases aligned with threat models and operational requirements.
• Hands–on experience with security automation and orchestration, including scripting in Python, PowerShell, or using SOAR platforms to streamline response workflows.
• Solid understanding of threat modelling frameworks and practical application of threat hunting methodologies to proactively identify malicious activity.

What happens now?

Upon submission of your application, should it meet our selection criteria, you will be contacted via e–mail by one of our talent acquisition specialists to arrange a screening call. This telephone chat is structured to explore a series of questions aimed at matching your competencies and capabilities to the specific demands of the position. Please note, this screening is contingent upon the initial success of your application.

Security Clearance: British Citizen or a Dual UK national with British citizenship

Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by our clients Security Team.

More about the role:

For more than 70 years, our client has been in a strong partnership with the UK military. They have accomplished numerous milestones in defence engineering and have provided essential defence capabilities to meet the requirements of the armed forces across land, sea, and air.

This role is based at our client's headquarters in Stevenage, a key location for missile operations. The site offers excellent transportation links, an onsite gym, and a coffee shop. Training and development opportunities are available to all employees.