SOC Analyst – SC Cleared – 12 Month Contract – Hereford

About Your Role:

As the SOC Analyst your role will include;

• Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact.
• Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts).
• User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g. asset isolation, password reset).
• Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation.
• Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements.
• Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness.
• Playbook Execution: follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies.
• Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape.

About You:

As an experienced SOC Analyst, your skills and experience may include;

• Previous experience in a SOC, IT Operations, or security support role.
• Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation.
• Working knowledge of network fundamentals, windows/Linux system logs and authentication systems.
• Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar).
• Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001).