1,961 Security Operations jobs in the United Kingdom

ROLE TITLE: SOC Analyst

LOCATION: Hursley, Hampshire

CLEARANCE: SC cleared, or eligible for SC clearance

The ideal candidate will have active SC Clearance or be eligible to undergo SC Clearance.

We are actively looking to secure an SOC Analyst to join Experis.

Experis Consultancy is a Global entity with a well-established team with over 1000 consultants on assignment across 20 clients globally. Our UK operation is growing and has very aggressive plans for expansion over the coming years. We form part of the Manpower group of companies that turn over $20 billion a year collectively.

Experis UK have partnerships with major clients across the UK spanning multiple industries; our approach is a very personal one, with both our clients and our own employees. We are passionate about training, technology and career development.

Key accountabilities of the role

• A SOC Analyst will be responsible for providing Protective Monitoring Services across a range of Secure Customers.
• They will be responsible for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement
• The role involves working alongside other team members including SOC engineers and Service Managers.

Skills required:

• Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment
• Experience working with SIEM technologies and security tooling
• An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management
• An understanding of the incident response lifecycle T
• he ability to work in a close team and independently
• The ability to be adaptable to a high pace changeable workload
• An interest in security and threat management

Benefits Include:

• Contributory pension scheme
• Employee Assistance Program
• Medical and Dental cover
• 22 days holiday + bank holidays
• Maternity Pay/Shared Parental leave and paternity leave
• Sick pay

Suitable Candidates should submit CVs in the first instance.

SOC Solutions Engineer - IBM QRadar

Location: Birmingham (hybrid)

Salary: Up to £80,000 (depending on experience) + bonus

Eligibility: Candidates must be eligible for UK Security Clearance

We are seeking a SOC Solutions Engineer to join a growing security practice and play a pivotal role in enhancing cyber defence capabilities. This position offers the opportunity to work on cutting-edge security operations, with a strong focus on IBM QRadar , threat modelling, and automation.

What You’ll Do

• Deploy, configure, and maintain IBM QRadar SIEM solutions.
• Onboard and normalise log sources across both cloud and on-premise environments.
• Develop and optimise analytical rules for advanced threat detection and behavioural analysis.
• Design and implement incident response playbooks and integrate them with SOAR platforms to automate triage and response.
• Conduct threat modelling exercises (MITRE ATT&CK, STRIDE, Cyber Kill Chain) and translate them into actionable use cases.
• Perform in-depth investigations, coordinate incident response, and collaborate with threat intelligence teams.
• Produce dashboards, reports, and insights on security posture and incident trends.
• Support scoping and demonstrations of SOC tools for new opportunities.
• Mentor junior analysts and contribute to continual service improvements.

What We’re Looking For

• 3+ years experience in SOC/NOC Environments
• Strong experience with SIEM - IBM QRadar .
• Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell).
• Solid understanding of threat detection, incident response, vulnerability management, and penetration testing .
• Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS .
• Strong communication and presentation skills, with the ability to work across technical and business teams.
• Relevant certifications (e.g., CISSP, GIAC, SC-200, Splunk, IBM QRadar Specialist, Chronicle Security Engineer) are advantageous.
• Cloud security knowledge (AWS, Azure) and ITIL processes is desirable.
• Ability to participate in a 24/7 on-call rota.

If you’re an ambitious SOC Engineer with a passion for detection engineering and security innovation – we’d love to hear from you.

• Monitor security alerts and events using SIEM and other security tools.
• Analyze security incidents to determine scope, impact, and root cause.
• Perform initial triage and investigation of security alerts.
• Escalate critical incidents to senior analysts and incident response teams.
• Identify and report on emerging threats and vulnerabilities.
• Contribute to the development of SOC playbooks and SOPs.
• Conduct basic threat hunting activities.
• Maintain accurate and detailed incident documentation.
• Collaborate with IT teams to implement security controls and countermeasures.

• Bachelor's degree in Cybersecurity, IT, or a related field, or equivalent practical experience.
• 1-3 years of experience in a SOC analyst role or similar cybersecurity position.
• Familiarity with SIEM tools (e.g., Splunk, QRadar, ELK Stack).
• Understanding of networking protocols, operating systems, and common attack vectors.
• Experience with endpoint security solutions (EDR).
• Strong analytical and problem-solving skills.
• Ability to work effectively in a team environment.
• Relevant certifications (e.g., Security+, CySA+) are a plus.

• Lead and manage the Security Operations Center (SOC) team, fostering a high-performance culture.
• Oversee the continuous monitoring of security events and alerts from various sources.
• Develop and implement effective incident response plans and procedures.
• Manage the detection, analysis, and containment of security threats and incidents.
• Evaluate and implement new security technologies and tools to enhance SOC capabilities.
• Ensure compliance with relevant security standards and regulatory requirements.
• Develop and deliver security awareness training programs.
• Collaborate with IT and other departments to implement security best practices.
• Manage SOC budgets and resource allocation.
• Report on security posture and incident trends to senior management.

• Proven experience in managing a Security Operations Center (SOC) or similar cybersecurity operations team.
• In-depth knowledge of security technologies, including SIEM, IDS/IPS, firewalls, and EDR solutions.
• Strong understanding of threat intelligence, vulnerability management, and incident response methodologies.
• Excellent leadership, team management, and communication skills.
• Experience with security frameworks such as NIST or ISO 27001.
• Relevant security certifications (e.g., CISSP, GCIH, GCIA) are highly desirable.
• Bachelor's degree in Cybersecurity, Computer Science, or a related field.

• Monitor security alerts and events from various sources using SIEM and other tools.
• Analyze security incidents to determine scope, impact, and root cause.
• Lead and coordinate incident response activities.
• Develop and optimize detection rules, threat intelligence feeds, and security playbooks.
• Conduct vulnerability assessments and penetration testing analysis.
• Perform forensic analysis of security breaches.
• Stay current with emerging threats, vulnerabilities, and cybersecurity technologies.
• Mentor and guide junior SOC analysts.
• Contribute to the improvement of SOC operational procedures and efficiency.
• Communicate effectively with stakeholders regarding security incidents.

• Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience.
• Minimum of 5 years of experience in a SOC or cybersecurity operations role.
• In-depth knowledge of cybersecurity principles, threats, and defense techniques.
• Proficiency with SIEM platforms (e.g., Splunk, QRadar), EDR, and other security tools.
• Experience in incident response, digital forensics, and threat hunting.
• Relevant certifications (CISSP, GSEC, CEH, etc.) are highly desirable.
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Ability to work independently and collaboratively in a remote setting.

• Lead and mentor a team of SOC analysts, providing guidance and performance feedback.
• Manage and monitor security alerts and incidents, ensuring prompt and accurate resolution.
• Develop, implement, and maintain SOC policies, procedures, and best practices.
• Conduct in-depth analysis of security events, identify attack vectors, and recommend mitigation strategies.
• Perform proactive threat hunting to uncover hidden or advanced persistent threats.
• Oversee the tuning and optimisation of SIEM rules and security monitoring tools.
• Liaise with other IT and business units during incident response activities.
• Stay current with the latest cybersecurity threats, vulnerabilities, and defence techniques.
• Contribute to the development of security awareness training programs.
• Manage relationships with third-party security vendors and service providers.
• Generate regular reports on SOC performance, incident trends, and security risks.

• Monitor security alerts and logs from various sources to detect malicious activity.
• Perform in-depth analysis of security incidents, identify root causes, and recommend remediation actions.
• Develop and refine threat detection rules and signatures.
• Conduct threat hunting activities to proactively identify advanced threats.
• Lead and coordinate incident response efforts, ensuring timely and effective containment and eradication.
• Analyze malware samples and forensic data to understand attack methodologies.
• Stay current with the latest cybersecurity threats, vulnerabilities, and attack techniques.
• Create and maintain comprehensive incident reports and documentation.
• Mentor and guide junior SOC analysts, sharing knowledge and best practices.
• Contribute to the continuous improvement of SOC processes, tools, and procedures.
• Collaborate with other IT and security teams to ensure integrated security solutions.
• Participate in vulnerability management and assessment activities.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent practical experience.
• Minimum of 5 years of experience working in a Security Operations Center (SOC) or a similar cybersecurity role.
• Demonstrated expertise in SIEM, IDS/IPS, EDR, network forensics, and malware analysis.
• Strong understanding of TCP/IP, network protocols, and common attack vectors.
• Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Ability to work effectively in a high-pressure, fast-paced environment.
• Strong communication and teamwork skills, essential for a remote team.
• Relevant certifications such as CompTIA Security+, CEH, GIAC GSEC, or GCIH are highly desirable.

• Monitor security alerts and logs using SIEM and other security tools.
• Investigate and analyze security incidents to determine scope, cause, and impact.
• Respond to and remediate security threats according to established procedures.
• Develop and tune detection rules and use cases for SIEM and other security solutions.
• Perform vulnerability assessments and penetration testing support.
• Conduct threat hunting activities to proactively identify malicious activity.
• Create incident reports and documentation.
• Collaborate with incident response teams and other IT departments.
• Stay current with the latest cybersecurity threats, vulnerabilities, and attack vectors.
• Mentor junior SOC analysts and contribute to team training.

• Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent experience.
• 4+ years of experience in a SOC environment or related cybersecurity role.
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, ELK Stack).
• Proficiency in analyzing network traffic and endpoint logs.
• Knowledge of common attack vectors, malware, and intrusion techniques.
• Familiarity with incident response methodologies and frameworks (e.g., NIST).
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills.
• Relevant certifications such as CompTIA Security+, CySA+, GCIH, or GCIA are highly desirable.
• Ability to work effectively under pressure in a fast-paced environment.