160 Soc Analyst jobs in the United Kingdom

SOC Analyst - Corsham - Circa 46,000 per annum - On-site (5 days per week)
Permanent | SC Clearance Required.
Deerfoot Recruitment is working on behalf of a leading organisation seeking to hire an experienced SOC Analyst to join their Security Operations Centre based in Corsham . This is a full-time, on-site role requiring 5 days per week presence.
The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes.
Key Requirements:

• Previous experience in a SOC Analyst or similar cybersecurity role
• Strong expertise in Splunk or similar SIEM tools
• Familiarity with Flexera for vulnerability management
• Understanding of firewalls, network protocols, intrusion detection/prevention systems
• Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous
• Must be eligible for Developed Vetting (DV) clearance , requiring 10 years continuous UK residency

Please Note: All offers will be subject to standard pre-employment checks including ID, employment history (last 3 years), immigration status, and an unspent criminal record check.
This is an excellent opportunity to join a forward-thinking, inclusive environment with strong investment in training, development, and employee wellbeing.
To apply or learn more, please contact us today at Deerfoot Recruitment .

Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd is acting as an Employment Agency in relation to this vacancy.

WHJS1_UKTJ

Job Title: SOC Analyst

Location: Reading, United Kingdom (Hybrid- 1-2 days/week)

Job Type: Contract Inside IR35

Client: Wipro

Job Overview:

As an OT Senior Cyber Security Analyst, you will be responsible for maintaining SecOps (Security Operations) solutions, controls and processes across the organisation. You will be mentoring and assisting with leading the SOC team to ensure appropriate prioritisation and remediation of OT alerts and incidents.

This role requires a deep understanding of SecOps concepts, technologies and best practices across IT and OT environments, as well as the ability to collaborate effectively with cross-functional teams. The ideal candidate will possess strong communication and incident management skills and will be committed to ensuring the highest level of security, compliance, and user experience.

Responsibilities:

Investigate security alerts from our SIEM tool and 3rd party MSSPs, and to provide appropriate incident response actions.

Liaise with technology and business stakeholders in relation to cyber security issues/incidents providing clear descriptions and actions.

Support the Cyber Security Operations Lead for security and privacy incidents, triaging events and performing root cause analysis to understand how incidents arise.

Acting as the key contact and escalation point for the SOC and Thames Water Digital teams.

Supporting out-of-hours incident investigations via an On-Call rota, covering 24*7*365 alongside our 3rd party MSSP.

Monitor, analyse and optimise SecOps tool performance (e.g. SIEM, PAM), identify potential issues, and recommend and implement proactive solutions.

Develop and maintain SecOps documentation, policies, and procedures.

Collaborate with stakeholders to understand business requirements and implementing security controls that are proportionate to the risk.

Maintain cyber security solutions with existing systems, applications, and infrastructure.

Evaluate and recommend technologies, tools, and vendors to meet business needs.

Perform proactive threat hunting for new and emerging cyber threats.

Specialist in Operational Technology systems, defining monitoring alerts and ensuring the operation of effective security controls.

Collect data that drives cyber security compliance metric dashboards.

Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001.

Stay current on industry trends, emerging technologies, and best practices to continuously improve security operations.

This job involves:

Key Responsibilities

Expectations

Contextualize OT specific threats

Responsible for understanding the Operational Technology estate, specific OT threats and controls and mitigations that are in place. To be able to use tools such as Claroty to understand network traffic and OT hardware limitations to avoid downtime due to active scans.

Understand OT specific architecture frameworks

Reduce risks with overlaying context

Build direct relationships with Operations of the essential service alongside the OT team to understand and articulate operational risk and cyber risk.

Maintain Security Operations

Responsible for maintaining our security operations processes, including supporting an effective continuous improvement process surrounding the services provided. Familiarity desired with Microsoft security operations tools (e.g. Sentinel), and extensive knowledge of other security tools such as SOAR, EDR / XDR and IDAM.

Reductions over time in repetitive tickets/alerts demonstrating successful tuning of security tooling and processes.

Reduction over time in average time it takes to investigate and resolve security incidents demonstrating an increasing efficiency in SecOps processes.

Operational metrics evidencing the effectiveness of security controls.

Proactive Risk Remediation

Follow a risk-based approach to continually identify, analyse and evaluate the effectiveness of security controls and relate them to appropriate (and proportionate) security controls. Responsible for helping the business to deliver new security controls and for performing proactive activities (e.g. threat hunting) to continuously evaluate and uncover vulnerabilities throughout the technology stack.

Act as an ambassador within the Cyber Security team for the application of a risk-based approach and continuous risk reduction.

Collate the data supporting dashboards with robust SecOps metrics that evidence the tangible reduction in risk and technical debt.

4

Incident Readiness & Response

The Security Operations team holds primary responsibility for cyber security incident triage, management, and response. A consistent and reliable level of service is provided around both preparing the business for a significant cyber security incident (e.g. ransomware attack) and actual responses to live incidents. Responses to incidents are run in a structured, measured and auditable manner with continuous improvement integrated into incident management processes to ensure processes are always adapting to the changing threat landscape.

Reduction over time in business impacts experienced as a result of cyber security incidents.

Time between incident identification and remediation/closure reduces over time.

The business is periodically educated on incident management procedures and readiness activities.

All staff are aware of what constitutes a cyber security incident and how it should be reported.

5Continuous Improvement

Demonstrate an ability to improve processes over time whether that be increases in efficiency or using automation. The more efficient SecOps processes are the shorter response time to incidents will be and the more time will be available to proactive security activities such as threat hunting.

Gradual improvement over time of operational efficiencies as reporting in metrics/KPIs/dashboards.

Demonstrable use of automation to eliminate manual processes.

The qualifications, experience, technical skills, competencies, and values required are:

Strong analytical and problem-solving abilities

Some hands-on exposure to cyber security concepts and principles

Experience in working with third party delivery partners and MSSPs

Decision making and judgement

Ability to innovate technical solutions

Excellent planning and organising capabilities

Essential Experience

Minimum of 3 years of experience working with technical Cyber Security controls, preferably in an enterprise environment

Minimum of 3 years of experience in control systems of essential service (ICS, SCADA, CNI)

Exposure to working in or with a security operations centre (SOC)

Triaging problems or issues in a structured and disciplined manner

Experience in remediating cyber risks in ever-changing digital environments

Essential Technical Skills & Qualifications

Ability to explain complex IT / Security problems in a simple manner to non-technical audiences

Strong understanding of OT infrastructure, networking, and end-user computing.

Experience writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts.

Proficient in configuration and troubleshooting of multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information & Event Management (SIEM) systems, in particular Microsoft Sentinel.

Desirable Experience

Familiarity with managing network security capabilities such as NAC (Network Access Control), Firewalls, Proxies/VPN, IDS/IPS, etc.

Leading and mentoring a team to deliver operational excellence.

Desirable Technical Skills & Qualifications

Degree in Cyber Security, Computer Science, Information Technology, Engineering, or related field.

Microsoft SecOps specific certification(s) e.g. Microsoft Security Operations Analyst (SC-200, AZ-900)

Any generic cyber security industry certification(s) such as CCSP, OT-specific certification(s) e.g. Claroty Cybersecurity Analyst

Are you in a Security Operations Centre and every day is the same? We can assure you that there is no boredom in our role.

We have a growing Cyber practice in our Defence sector and support enterprise scale clients. Now we have opportunities for L2 SOC Analysts to join in our success and work with multiple, high profile clients. You must have proven experience working in a busy SOC with a tech-firs.

WHJS1_UKTJ

Este es un puesto de trabajo remoto.

Monitor, detect, and analyze cybersecurity incidents affecting insured clients or MDR service alerts.

Conduct incident response investigations, including malware analysis, phishing, ransomware, vulnerabilities, and intrusion attempts.

Manage crisis situations and support threat actor negotiations in ransomware incidents.

Triage and prioritize alerts, escalate critical threats, and provide actionable recommendations.

Develop and maintain detection use cases: rules, playbooks, and indicators of compromise (IOCs).

Contribute to threat intelligence collection and analysis (TTPs, IOCs, campaigns, CVEs).

Draft clear and structured incident reports, including executive summaries and technical deep-dives.

Collaborate with internal teams (broker managers, customer support, developers) and external stakeholders (brokers, partners, law enforcement).

Drive continuous improvement of CERT processes, automation, and tooling.

Bachelor’s degree in Cybersecurity, Computer Science, or equivalent experience.

Strong hands-on experience in SOC operations and SIEM/EPP tools (CrowdStrike, SentinelOne, or similar).

Proven expertise in incident response and digital forensics (log, disk, and memory analysis; tools such as Velociraptor or KAPE).

Knowledge of threat intelligence practices, ATT&CK mapping, and vulnerability management.

Proficiency in scripting and automation (Python, Bash, PowerShell).

Solid understanding of Windows/Linux systems and cloud environments.

Excellent analytical, communication, and reporting skills.

Languages: fluent Spanish and English; Portuguese is highly valued.

Previous experience working in fully remote environments is a strong plus.

100% remote role with flexibility and autonomy.

Opportunity to join a CERT team with direct impact on protecting against critical cyber threats.

International environment, working closely with brokers, partners, and law enforcement.

Work with cutting-edge cybersecurity technologies and contribute to continuous process and tooling improvements.

Career development within a strategic sector where cybersecurity and insurance converge.

ROLE TITLE: SOC Analyst - SC Cleared
LOCATION: Hursley

The ideal candidate will have active SC Clearance or be eligible to undergo SC Clearance.

We are actively looking to secure an SOC Analyst to join Experis.

Experis Consultancy is a Global entity with a well-established team with over 1000 consultants on assignment across 20 clients globally. Our UK operation is growing and has very aggressive plans for expansion over the coming years. We form part of the Manpower group of companies that turn over $20 billion a year collectively.

Experis UK have partnerships with major clients across the UK spanning multiple industries; our approach is a very personal one, with both our clients and our own employees. We are passionate about training, technology and career development.

Skills required:

• Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment
• Experience working with SIEM technologies and security tooling
• An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management
• An understanding of the incident response lifecycle T
• he ability to work in a close team and independently
• The ability to be adaptable to a high pace changeable workload
• An interest in security and threat management

Nice to have skills

• A SOC Analyst will be responsible for providing Protective Monitoring Services across a range of Secure Customers.
• They will be responsible for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement
• The role involves working alongside other team members including SOC engineers and Service Managers.

Benefits Include:

• Contributory pension scheme
• Employee Assistance Program
• Medical and Dental cover
• 22 days holiday + bank holidays
• Maternity Pay/Shared Parental leave and paternity leave
• Sick pay

Suitable Candidates should submit CVs in the first instance.

ROLE TITLE: SOC Analyst - SC Cleared
LOCATION: Hursley

The ideal candidate will have active SC Clearance or be eligible to undergo SC Clearance.

We are actively looking to secure an SOC Analyst to join Experis.

Experis Consultancy is a Global entity with a well-established team with over 1000 consultants on assignment across 20 clients globally. Our UK operation is growing and has very aggressive plans for expansion over the coming years. We form part of the Manpower group of companies that turn over $20 billion a year collectively.

Experis UK have partnerships with major clients across the UK spanning multiple industries; our approach is a very personal one, with both our clients and our own employees. We are passionate about training, technology and career development.

Skills required:

• Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment
• Experience working with SIEM technologies and security tooling
• An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management
• An understanding of the incident response lifecycle T
• he ability to work in a close team and independently
• The ability to be adaptable to a high pace changeable workload
• An interest in security and threat management

Nice to have skills

• A SOC Analyst will be responsible for providing Protective Monitoring Services across a range of Secure Customers.
• They will be responsible for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement
• The role involves working alongside other team members including SOC engineers and Service Managers.

Benefits Include:

• Contributory pension scheme
• Employee Assistance Program
• Medical and Dental cover
• 22 days holiday + bank holidays
• Maternity Pay/Shared Parental leave and paternity leave
• Sick pay

Suitable Candidates should submit CVs in the first instance.