Security Operations Center Analyst

SOC Analyst (L3) - Senior Incident ResponderLocation: Birmingham (Hybrid)Salary: Up to £70,000 (depending on experience) + bonusNOTE: Candidates for this role must be eligible for UK Security Clearance (SC).We’re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real expertise in Splunk and wider SIEM technologies. This is a critical role within the SOC, where you’ll be the escalation point for L1 and L2 analysts and take ownership of incident containment, remediation, and post-incident review.What you’ll do:Act as the L3 escalation point, leading investigations into complex incidents escalated by L1/L2 analysts.Use Splunk and other SIEM tools to detect, investigate, and respond to security events.Perform detailed forensic analysis, root cause analysis, and malware investigation.Lead incident response activities end-to-end, ensuring containment, eradication, and recovery.Develop, refine, and own SOC use cases, runbooks, and playbooks to drive continual service improvement.Liaise directly with clients, providing clear guidance and recommendations.Mentor and support junior SOC analysts, ensuring best practice is followed.Keep up to date with the latest threats, vulnerabilities, and attack vectors, integrating threat intel into monitoring.What we’re looking for:Proven L3 SOC experience.5+ years’ experience in IT security, ideally within a SOC/NOC environment.Strong knowledge and hands-on expertise with Splunk(other SIEM exposure beneficial).Solid understanding of DFIR principles, vulnerability management, and ethical hacking.Strong grasp of network traffic flows, malware analysis, and reverse engineering.Excellent written and verbal communication skills for client interaction and reporting.Ability to work independently, lead investigations, and mentor team members.Eligible for or holding SC Clearance.Relevant certifications (e.g. CISSP, GIAC, SC-200) are highly desirable.If you’re ready to take ownership at L3 level and bring your Splunk expertise to the table, we want to hear from you.

Created: 2025-10-11