You’ll lead major security incidents from detection through remediation, coordinating containment, analysing attacker activity, and supporting clients through critical decision‑making.
You’ll proactively hunt for threats using advanced KQL analytics, enhance SIEM/EDR detections, tune rules to reduce false positives, and develop detection signatures mapped to MITRE ATT&CK techniques.
You’ll perform malware triage and behavioural analysis, using reverse‑engineering tools when needed to support investigations and strengthen detection coverage.
You’ll produce clear, high‑quality investigation reports, timelines, and intelligence summaries that translate technical findings for a range of audiences.
You’ll contribute to SOC playbooks, mentor junior analysts, support onboarding of new customers, and help evolve SOC processes and tooling.
You’ll participate in the 24×7 on‑call rota to provide expert support during critical incidents.
Requirements
A strong background in DFIR, SOC operations, or incident response
Ability to lead complex investigations and high‑severity security incidents
Confident decision‑maker who can guide clients through critical situations
Strong communicator, able to translate technical findings for technical and non‑technical audiences
Collaborative mindset with willingness to work closely across teams
Ability to mentor junior analysts and support skill development
Comfortable working in fast‑paced, high‑pressure environments
Proactive approach to improving SOC processes, playbooks, and detection capabilities