×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Lead Security Operations Center Analyst; f​/m​/d

Job in Reading, Berkshire, RG1, England, UK
Listing for: Thinkproject
Full Time position
Listed on 2026-06-26
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 65000 - 85000 GBP Yearly GBP 65000.00 85000.00 YEAR
Job Description & How to Apply Below
Position: Lead Security Operations Center Analyst (f/m/d)

Introducing Thinkproject Platform

Pioneering a new era and offering a cohesive alternative to the fragmented landscape of construction software, Thinkproject seamlessly integrates the most extensive portfolio of mature solutions with an innovative platform, providing unparalleled features, integrations, user experiences, and synergies.

What do we do?

By combining information management expertise and in-depth knowledge of the building, infrastructure, and energy industries, Thinkproject empowers customers to efficiently deliver, operate, regenerate, and dispose of their built assets across their entire lifecycle through a Connected Data Ecosystem.

What your day will look like

We are looking for a highly experienced and technically skilled Lead Security Operations Centre (SOC) Analyst to join our team and take ownership of the day to day operation and continuous improvement of our Security Operations Centre. This role combines deep technical expertise with operational leadership, people management, and project delivery responsibilities, ensuring the SOC remains effective in identifying, investigating, and responding to advanced security threats, issues, and vulnerabilities across the organisation.

As the lead member of the team, you will oversee SOC operations, manage and coordinate complex security investigations, and provide technical leadership during all incidents. You will lead investigations into sophisticated threats such as advanced persistent threats (APTs), malware outbreaks, and targeted attacks, whilst performing hands on analysis of security events, forensic evidence collection, and root cause analysis. You will also drive the development and enhancement of detection capabilities across SIEM, EDR, and other monitoring technologies, while continuously improving SOC processes, procedures, workflows, automation, and playbooks to increase operational effectiveness and maturity.

You will actively engage in threat hunting, leveraging your deep understanding of application code, infrastructure and hosting architectures (cloud and on premises), the software development lifecycle (SDLC), and CI/CD pipeline solutions to identify risks that span traditional and cloud native environments. You will collaborate closely with Security Engineering, IT, Dev Ops, and application teams to improve detection coverage, enhance monitoring capabilities, and strengthen the organisation's overall security posture.

Alongside your technical responsibilities, you will provide line management for SOC analysts, including mentoring, coaching, performance management, and professional development, whilst overseeing workload prioritisation, SOC reporting, and the successful delivery of projects associated with SOC tooling, automation, compliance, and operational maturity.

This role encompasses reactive incident response, proactive detection engineering, threat hunting, vulnerability management, and operational leadership. You will also contribute to strategic initiatives including penetration testing coordination, security assessments, audit preparation, threat intelligence activities, and the maintenance of SOC documentation and reporting.

This role sits within the Product Operations and Corporate IT branch, reporting to the Director of Cyber Security and Networking, and operates as part of the broader Cyber Security, Network, and Security Engineering teams.

Main Responsibilities
  • Independently investigate and respond to security alerts and events from SIEM, EDR, and other security tools across endpoints, networks, cloud platforms, and applications.
  • Lead proactive threat hunting activities, leveraging threat intelligence, application logs, and infrastructure telemetry to uncover indicators of compromise or stealthy threat activity.
  • Perform in-depth analysis of logs, API configurations and traffic, container environments, network data, application and infrastructure architecture, as well as data centre hosting environments to support threat detection, incident investigation, and root cause analysis.
  • Manage complex cybersecurity incidents end-to-end, including containment, eradication, recovery, and post-incident analysis, while coordinating closely with cross-functional stakeholders.
  • Deploy, operate, configure, and tune SIEM platforms and detection tools to enhance signal accuracy, reduce alert fatigue, and maintain effective detection coverage.
  • Design, build, and maintain incident response playbooks and automation workflows to increase the efficiency, speed, and consistency of incident response processes.
  • Simultaneously manage multiple active investigations and day-to-day SOC operations, effectively prioritise tasks and manage time under pressure.
  • Conduct forensic analysis during investigations, including evidence preservation, malware analysis, memory examination, and root cause identification.
  • Collaborate with Dev Ops, IT, and development teams to ensure timely containment, mitigation, and remediation of vulnerabilities and threats.
  • Coordinate…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary