Lead SOC Analyst

Overview

Lead SOC Analyst, Northampton, England, United Kingdom. Requires current SC clearance. Part of a 24/7 security operations centre (SOC) team to monitor systems, identify potential incidents, and initiate the early stages of incident response.

• Security Monitoring & Detection:
  Continuously monitor security tools and SIEM platforms (e.g., Splunk) to identify suspicious or anomalous activity; respond to potential threats per established procedures; analyse alerts and logs to distinguish legitimate incidents from false positives; classify, prioritise, and escalate incidents following defined triage processes; perform initial containment for confirmed incidents (e.g., isolating affected hosts or accounts).
• Escalation:
  Escalate incidents to Level 2 or Level 3 analysts for deeper investigation and remediation as required.
• Documentation & Reporting:
  Create accurate incident tickets and reports describing findings, actions taken, and recommendations; maintain clear, organised documentation for audit, review, and knowledge sharing; provide direction and support to junior analysts within your shift.
• Tool Maintenance & Optimisation:
  Assist with upkeep, tuning, and optimisation of security tools to ensure maximum effectiveness and reliability.

• Strong analytical and problem-solving skills with excellent attention to detail.
• Ability to work effectively under pressure in a fast-paced operational environment.
• Clear written and verbal communication skills.
• Experience using Splunk within a SOC environment.
• Bachelor’s degree in Computer Science, Cyber Security, Information Technology, or a related field (or equivalent relevant experience).

• Seniority level:
  Mid-Senior level
• Employment type:
  
  Full-time
• Job function:
  Administrative

We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.