Senior SOC Analyst
Listed on 2026-02-16
IT/Tech
Cybersecurity, Security Manager
Recruitment Partner - SOC & Cyber Defence
Level 3 SOC Analyst
Salary: Up to £82,000 + Bonus + Private Healthcare
A leading UK retail organisation is continuing to invest heavily in its cyber security capabilities and is looking to hire an experienced Level 3 SOC Analyst to join a mature and well-established Security Operations function.
This role sits at the sharp end of detection, investigation, and response. You’ll be responsible for handling complex security incidents, improving detection capability, and acting as a technical escalation point for the wider SOC team, while working closely with engineering, threat intelligence, and security leadership.
Key Responsibilities
- Act as the final escalation point for complex security alerts and incidents across the enterprise
- Lead and coordinate incident response activities, including containment, eradication, and post-incident reviews
- Perform advanced threat hunting and proactive investigations using SIEM, EDR, and cloud telemetry
- Develop, tune, and optimise detection rules aligned to MITRE ATT&CK
- Work extensively with the Microsoft Security stack, including Sentinel, Defender XDR, Entra, and M365 Security
- Improve SOC processes, playbooks, and response procedures to reduce MTTD and MTTR
- Support and mentor Level 1 and Level 2 analysts, raising overall SOC capability
- Collaborate with wider security teams (engineering, IAM, cloud, risk) on remediation and security improvements
- Provide clear technical reporting and recommendations to both technical and non-technical stakeholders
- Proven experience working as a Level 3 / Senior SOC Analyst or equivalent role
- Strong hands‑on experience with the Microsoft security ecosystem (Sentinel, Defender, MDE, MDI)
- Deep understanding of incident response, attacker TTPs, and kill‑chain methodologies
- Experience creating and tuning SIEM detections and alerts
- Strong knowledge of Windows environments, Active Directory, Azure, and M365
- Experience with threat hunting and forensic investigation techniques
- Comfortable working in a hybrid on‑site model (1–3 days per week in London)
- Experience in large‑scale or enterprise environments
- Exposure to retail, e‑commerce, or high‑volume customer‑facing environments
- Scripting or automation experience (PowerShell, KQL, Python)
- Relevant certifications such as GCIA, GCED, GCIH, SC‑200, or similar
- Salary up to £82,000 depending on experience
- Annual performance bonus
- Hybrid working (London‑based, 1–3 days per week)
- Opportunity to work in a high‑impact SOC role within a well‑funded security programme
- Clear progression and the chance to influence SOC strategy and detection maturity
Mid‑Senior level
Employment Type: Full‑time
Job Function: Information Technology
Industries: Computer and Network Security