Senior Cyber Defense SOC Analyst (L3)

Ascot Group

Woodbridge Township (NJ)

On-site

USD 100,000 - 130,000

Full time

30+ days ago

Job summary

A leading specialty risk underwriting organization is seeking a Senior Cyber Defense SOC Analyst to join their 24x7 Cyber Defense team. The role involves investigating security incidents, enhancing detection content, and supporting incident response activities. Candidates should have extensive experience in cybersecurity, strong communication skills, and a growth mindset. This position offers the opportunity to work in a collaborative, innovative environment focused on client security and bespoke products.

Qualifications

  • At least 10 years of experience in security operations or technical cybersecurity roles.
  • Experience with log sources, SIEM platforms, and detection content creation preferred.

Responsibilities

  • Monitor security tools to triage and respond to suspicious activities.
  • Develop security protocols, incident response procedures, and threat intelligence processes.
  • Oversee MSSP and SOC operations globally, mentor junior team members.

Skills

Communication
Curiosity
Detail-oriented
Growth mindset

Education

Cybersecurity-related Bachelor’s degree

Tools

SIEM
EDR
XDR

Job description

This is an opportunity to join Ascot Group - one of the world’s preeminent specialty risk underwriting organizations.

Designed as a modern-era company operating through an ecosystem of interconnected global platforms, we’re bound by a common mission: One Ascot. Our strength lies in a talented team thriving in a collaborative, inclusive, and entrepreneurial culture, committed to underwriting excellence, integrity, and innovation, known as The Ascot Way.

The Ascot Way guides our organization. Our platforms collaborate to deploy capital creatively through our Fusion Model: Client Centric, Risk Centric, Technology Centric. Built to be resilient, Ascot maximizes client security while delivering bespoke products and world-class service, both pre- and post-claims. We aim to solve our clients’ brightest tomorrow through agility, collaboration, resilience, and discipline.

About The Role

As part of our 24x7 Cyber Defense team, the Senior SOC Analyst L3 will investigate security incidents, enhance detection content, and support monitoring, detection, and incident response activities. This involves working closely with the Cyber Resilience team and MSSP.

Acting as an escalation point for L1/L2 SOC analysts, this role requires managing multiple incident response aspects, supporting a global cybersecurity team, and working in shifts across UK and US time zones. Responsibilities include maintaining detection tools, creating playbooks, documenting SOC activities, and supporting integrations.

Responsibilities

  • Monitor security tools to triage and respond to suspicious activities and conduct deep incident investigations.
  • Serve as escalation point for L1/L2 analysts and coordinate with MSSP and other stakeholders.
  • Develop security protocols, incident response procedures, and threat intelligence processes.
  • Stay updated on threats, vulnerabilities, tools, and TTPs to enhance detection and response.
  • Oversee MSSP and SOC operations globally, mentor junior team members, and develop SOPs and playbooks.
  • Conduct technical analysis and assessments during incidents, and work with end-users on security workflows.
  • Document incidents, provide insights, and communicate risks to stakeholders.
  • Support scheduled shifts and perform in-depth security investigations, log analysis, and threat assessments.
  • Implement detection use cases in SIEM, manage log sources, and maintain system health.
  • Assist with ad hoc projects as needed.

Requirements

  • Cybersecurity-related Bachelor’s degree or equivalent.
  • At least 10 years of experience in security operations or technical cybersecurity roles.
  • Experience with log sources, SIEM platforms, and detection content creation preferred.
  • Certifications such as Security+, CSA, CEH, CISSP, GSEC, GCIH, CCSP, Microsoft SC-200, OSCP are a plus.
  • Solid knowledge of enterprise technologies, Windows/Linux OS, Azure, M365, and detection of signs of compromise.
  • Growth mindset, detail-oriented, structured approach, and ability to work under pressure.
  • Strong communication skills, understanding of attack types, and familiarity with MITRE ATT&CK.
  • Experience with security tools like EDR, XDR, malware analysis, and log analysis.
  • Curiosity and a desire to continuously learn about cybersecurity.

This position may be filled at a different level depending on experience.
