A UK Managed Security Services Provider (MSSP) protecting clients across financial services, healthcare and critical infrastructure is hiring a Tier 2/3 SOC Analyst. You will be the escalation point for complex security incidents, conducting deep-dive investigations, threat hunting and leading the response to advanced persistent threats across a diverse client portfolio.

Role & Responsibilities:
• Triage, investigate and respond to escalated security incidents from Tier 1 analysts across client environments
• Conduct threat hunting exercises using SIEM data, EDR telemetry and threat intelligence feeds
• Perform malware analysis, log forensics and root cause analysis on complex security incidents
• Build and tune SIEM detection rules in Splunk and Microsoft Sentinel to reduce false positives and improve coverage
• Write detailed incident reports and post-mortem documentation for client and internal stakeholders
• Develop and maintain incident response playbooks for common attack scenarios
• Mentor Tier 1 analysts on investigation techniques, tool usage and escalation criteria
• Contribute to threat intelligence enrichment and IOC management

Required Skills & Experience:
• 4+ years of SOC experience with at least 2 years at Tier 2 or above
• Strong Splunk skills: SPL queries, correlation rules, dashboards and alert tuning
• Experience with Microsoft Sentinel and KQL for detection engineering
• Proficiency with EDR tools: CrowdStrike Falcon, Microsoft Defender for Endpoint or SentinelOne
• Understanding of attacker TTPs using the MITRE ATT&CK framework
• Experience with network forensics: Wireshark, Zeek, NetFlow analysis
• CompTIA Security+, CySA+, GCIH or equivalent certification preferred
• SC-200 (Microsoft Security Operations Analyst) is a strong advantage

What We Offer:
• Fully remote role based in the UK with a shift pattern covering extended hours
• Salary £50,000–£65,000 based on experience, plus shift allowance
• Exposure to diverse client environments across critical industries
• Clear path to senior analyst, detection engineer or incident response specialist

For a SOC analyst ready to move beyond alert triage into genuine threat hunting and detection engineering — where your investigative instincts are valued as much as your tool skills.
Remote · UK | £50,000–£65,000