Senior SOC Analyst

3 weeks, 4 days ago
Full-time
Senior
Cybersecurity
Phoenix Software

Phoenix Software

Phoenix Software specializes in leveraging information technology to empower the UK public sector to innovate and transform, facilitating the delivery of smart connected services to various stakeholders, including staff, citizens, patients, and students.

IT Services
251-1,000 employees
Founded 1990

Description

  • Lead major security incidents from detection through remediation, including containment and attacker activity analysis.
  • Support clients through high-severity security events and critical decision-making during incident response.
  • Proactively hunt for threats using advanced KQL analytics and other SOC investigation techniques.
  • Enhance SIEM and EDR detections, tune rules, and develop signatures aligned to MITRE ATT&CK.
  • Perform malware triage and behavioural analysis, including reverse engineering when needed.
  • Produce clear investigation reports, timelines, and intelligence summaries for technical and non-technical audiences.
  • Contribute to SOC playbooks and help improve SOC processes, tooling, and overall capability.
  • Mentor junior analysts and support skill development within the SOC team.
  • Support onboarding of new customers and help integrate them into SOC operations.
  • Participate in the 24x7 on-call rota to provide expert support during critical incidents.

Requirements

  • Strong background in DFIR, SOC operations, or incident response.
  • Experience leading complex investigations and high-severity security incidents.
  • Ability to make confident decisions and guide clients through critical situations.
  • Strong communication skills with the ability to translate technical findings for any audience.
  • Collaborative mindset with willingness to work closely across teams.
  • Ability to mentor junior analysts and support skill development.
  • Comfortable working in fast-paced, high-pressure environments.
  • Proactive approach to improving SOC processes, playbooks, and detection capabilities.
  • Advanced SIEM expertise, ideally with Microsoft Sentinel and Defender XDR.
  • High-level KQL capability, with Python and PowerShell for automation.
  • Core digital forensics skills.
  • Experience with Velociraptor, KAPE, and sandbox tools.
  • Solid understanding of detection engineering.
  • Strong technical reporting and documentation skills.
  • Must have lived in the UK continuously for at least 5 years and have no criminal record in order to obtain clearance.
  • Must already hold, or be able to obtain, NPPV3 (Non-Police Personnel Vetting Level 3) clearance.
  • Fully remote role apart from an initial onboarding week on-site in Pocklington.
  • Shift pattern is 9:00am to 5:00pm with flexible start and finish times, plus on-call responsibilities.

Benefits

  • Fully remote working apart from an initial onboarding week on-site in Pocklington.
  • Flexible start and finish times.
  • Opportunity to join a culture focused on encouragement, support, and skill development.
  • Chance to work for a UK IT solution and managed service provider with a strong people-first culture.

