Enable job alerts via email!
Tier 2 Security Operations Centre Analyst
SecureCloud+
Stoke-on-Trent
On-site
GBP 30,000 - 45,000
Full time
Yesterday
Be an early applicant
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Create a job specific, tailored resume for higher success rate.
Job summary
A leading cybersecurity firm seeks a T1 SOC Analyst to lead incident response and security monitoring efforts. The role requires 1-3 years of experience, a degree in a related field, and proficiency with SIEM tools. Join a committed team dedicated to enhancing security postures through active threat detection and incident management.
Qualifications
- 1 to 3 years of experience in a SOC or similar role.
- Demonstrable exposure to incident response and security monitoring.
- Strong practical experience through labs, projects, or certifications considered.
Responsibilities
- Lead the triage and investigation of security events using SIEM.
- Coordinate containment and remediation efforts for high-severity incidents.
- Conduct continuous monitoring of network traffic and critical systems.
Skills
Incident Response
Security Monitoring
Threat Analysis
Incident Triage
Log Analysis
Education
Bachelor's degree in Computer Science, Information Security, or related field
Tools
SIEM platforms (LogRhythm, Elastic SIEM, Microsoft Sentinel)
EDR tools
Vulnerability management tools
Job description
Role Responsibilities
Key responsibilities for this role may include:
Incident Detection & Response:
As a T1 SOC Analyst, you will have:
Experience (preferred)
Key responsibilities for this role may include:
Incident Detection & Response:
- Lead the triage, investigation, and classification of security events using SIEM and other tooling
- Take ownership of end-to-end handling of medium to high-severity incidents, coordinating containment and remediation efforts
- Maintain detailed incident records, including timelines, impact assessments, root cause analysis, and mitigation steps
- Act as an escalation point for Tier 1 analysts, guiding initial response actions and validating escalations
- Participate in on-call or out-of-hours technical support where appropriate
- Perform in-depth analysis of suspicious activity, identifying indicators of compromise and attribution patterns
- Lead threat intelligence sharing within the organisation and with external partners
- Mentor Tier 1 staff in interpreting threat data and logs during investigations
- Conduct continuous security monitoring of network traffic, endpoints, and critical systems
- Proactively tune and improve SIEM rules, alerts, and correlation logic to reduce false positives and increase detection fidelity
- Support onboarding of new data sources into SIEM and help define parsing, enrichment, and correlation logic
- Lead investigations into recurring false positives or noisy alerts and propose sustainable resolutions
- Support deployment and configuration of security tooling
- Lead security audits and assessments, providing evidence of SOC activities and controls
- Maintain accurate records of all events handled, including triage notes and escalation details.
- Lead the delivery of incident and vulnerability summaries to the management team and customers as part of Service Reviews or Security Working Groups
- Lead post-incident reviews and document lessons learned
- Ensure compliance with industry standards, regulations, and internal security policies
- Prepare and present regular reports and metrics on SOC operations and overall security posture
- Coordinate and support risk-based prioritisation of vulnerability remediation efforts
- Support vulnerability lifecycle management, including exception handling, patch validation, and reporting
- Provide vulnerability remediation guidance based on CVSS scores, threat context and business impacts
- Act as a technical mentor to Tier 1 analysts, supporting their development and escalation handling
- Work closely with other IT teams (e.g., Network, Architecture, and Development teams) to identify and resolve security issues
- Share insights, threat intelligence, and incident learnings to improve the overall security posture of the organization
- Identify gaps in detection, response, or processes and propose pragmatic, measurable improvements
- Lead small initiatives to improve SOC efficiency, such as automating repetitive tasks or improving alert triage
- Contribute to maturity efforts such as MITRE ATT&CK mapping, control gap analysis, or threat modelling
As a T1 SOC Analyst, you will have:
Experience (preferred)
- 1 to 3 years of hands-on experience in a SOC or similar security operations role, with demonstrable exposure to incident response, security monitoring, or threat analysis
- Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools
- Candidates with strong practical experience through labs, home projects, certifications, or internships may also be considered if they can demonstrate applied knowledge at a Tier 2 level
- Bachelor’s degree in Computer Science, Information Security, Cyber Security or related field, or equivalent experience desirable.
- Any SIEM-specific certification or vendor-specific training.
- Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), BTL1, BTL2 or others are highly desirable but not essential.
- Proficient in using SIEM platforms such as LogRhythm, Elastic SIEM, Microsoft Sentinel or similar for monitoring and analysis
- Solid understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security
- Hands-on experience with log analysis and alert triage, vulnerability scanning and patching and incident response
- Working knowledge of cyber security and compliance frameworks (NIST, ISO 27001, MITRE ATT&CK).
- Experience or strong interest in using scripting and automation for security operations
- Excellent written and verbal communication skills, with the ability to convey information to both technical and non-technical stakeholders
- Strong analytical mindset with keen attention to detail and sound judgement
- Able to follow standard operating procedures with discipline and accuracy
- Eager to learn, ask questions, and develop professionally
- Comfortable working in a fast-paced team environment and managing multiple priorities
- Proactive in seeking opportunities to learn and grow with a curious, problem-solving mindset
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
