Soc Analyst jobs in United Kingdom

The Information and Cyber Security team are responsible for identifying and mitigating cyber security risks for the firm and ensuring continued compliance against specific regulatory and best practice standards. We’re recruiting for a skilled SOC Analyst to join our growing security operations team with 3+ years of experience. You’ll play a key role in detecting, investigating, and responding to potential security incidents—helping us protect our infrastructure and data from evolving threats. It will be a hands‑on position, and candidates must have good experience working as a SOC Analyst before and understand several security domains such as Incident Response, Intrusion methods, Attack Monitoring, Networks, Threat, and Vulnerability Management. The role requires strong analytical skills, attention to detail, problem‑solving, and communication skills.

• Monitor and triage security alerts using SIEM platforms, applying advanced correlation rules and custom KQL queries to identify suspicious activity.
• Investigate and respond to security incidents, performing root‑cause analysis, impact assessment, and containment actions across endpoints, networks, and cloud environments.
• Develop and maintain detection rules and use cases, leveraging threat intelligence and MITRE ATT&CK mappings to improve detection fidelity.
• Automate repetitive tasks and enhance detection/response workflows using scripting languages such as Python, PowerShell, Logic app, workflow, and KQL.
• Create and maintain incident response playbooks, ensuring alignment with evolving threat landscapes and operational requirements.
• Perform threat hunting activities, proactively searching for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) across the environment.
• Contribute to continuous improvement of SOC processes, including documentation updates, tuning of alert thresholds, and enrichment of log sources.
• Collaborate with infrastructure, cloud, and application teams to support remediation efforts and improve overall security posture.
• Participate in a 24/7 on‑call rotation to provide out‑of‑hours support.

Our team is made up of talented professionals who combine technical excellence with a collaborative mindset and a passion for protecting our organisation. As a SOC Analyst, you’ll bring a proactive, analytical approach and a strong foundation in cyber operations. You’ll be able to demonstrate a supportive, flexible, and driven ethos, along with experience in:

• Operating, tuning, and configuring SIEM platforms (Sentinel, Defender for Endpoint, Defender for Cloud).
• Writing and optimizing detection queries using KQL.
• Investigating and responding to security incidents across endpoints, networks, and cloud environments.
• Reviewing and analysing firewall logs and configurations.
• Scripting in Python and PowerShell to automate detection and response workflows.
• Managing and enhancing email and web filtering policies.
• Implementing and reviewing Data Loss Prevention (DLP) controls.
• Conducting threat hunting and leveraging threat intelligence to improve detection capabilities.
• Holding one or more certifications such as CompTIA CySA+, EC-Council Certified SOC Analyst (CSA), GIAC Certified Incident Handler (GCIH), Microsoft SC‑200, Microsoft Certified: Cybersecurity Expert (SC‑100), SANS SEC511, or SANS SEC504.

People‑first culture: We believe that when people feel seen, supported, and valued, they do their best work. We foster a culture of respect, empathy, and belonging—where your voice matters and your well‑being comes first.

Inclusive environment: We welcome people of all backgrounds, identities, and experiences. Diversity isn’t just a value—it’s a strength.

Growth‑focused: We support learning, development, and career progression. Whether you’re deepening your expertise or exploring new paths, we’ll back you.

Purpose‑driven: Your work will help clients navigate legal challenges with confidence and clarity, making a real difference in their lives and businesses.