SOC Analyst (Senior level)

Social network you want to login/join with:

Our client, a leading defence company, is looking to hire multiple SOC Analysts due to increased demand. We are seeking both mid-level and senior engineers.

Key skills required for this role

Location: Stevenage (shift pattern detailed below)

Duration: 6-month initial contract

Hours: 28 hours per week

Support the cyber security operations centre (SOC) by assisting with threat detection and analysis in a dynamic cyber environment. This contract offers an exciting opportunity to work in a vital field within defence.

Key Responsibilities:

• Drive proactive threat detection and analysis within a 24x7 SOC environment
• Utilize security platforms such as AI/ML, behavioural analytics, SIEM, Network Packet Capture, Anti Malicious Code, and Threat Detection tools across the UK Network Perimeter
• Perform Tier 1 to 2 alert triage of security events
• Monitor cybersecurity tools and email notifications
• Assist in maintaining MBDA Security technologies
• Support SOC Solutions Lead with project activities
• Participate in proactive threat hunting with the CTI team
• Assist in HR and InfoSec investigations related to IR
• Ensure timely triage and remediation of incidents and requests
• Manage URL filtering activities (adding/removing from AcceptList and BlockList)
• Attend security meetings and contribute to SOC maturity and continuous improvement

Candidate requirements:

• Experience in Cyber Security focusing on Network Security, Infrastructure, and Applications
• Knowledge of IT Security methodologies
• Understanding of OSI model and network protocols (DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S)
• Experience with SIEM and Network Packet Capture tools
• Hands-on with IDS/IPS technologies and threat hunting
• Strong analytical skills
• Knowledge of cyber-attack methodologies and frameworks
• Understanding malware capabilities and attack vectors
• Good communication skills

Desirable for Senior Grade:

• Root cause analysis and leadership in incident investigations
• Development of processes, playbooks, and runbooks
• Detection engineering and false positive reduction
• SIEM rule tuning and custom detection creation
• Automation scripting (Python, SOAR, PowerShell)
• Threat modelling and hunting techniques

Additional information:

• Roles are fully site-based in Stevenage
• Shift pattern involves blocks of 4-5 days on, 4-5 days off, with rotations across early, late, or night shifts; 2 weekends per 28 days required
• Roles are 28 hours per week
• Security Clearance (SC) is required before starting; DV clearance is preferred