SOC Analysts


Description:

Our SOC Analysts form the first line of defence within our cyber security operations. You will be responsible for monitoring and assessing security events, mitigating and defending against malicious activity, and adapting to an evolving threat landscape. The role is primarily a triage position: managing and configuring security tools, containing and remediating attacks, and preventing unauthorised access to critical systems and data.

This position requires flexibility to work shifts (including unsociable hours, weekends, and bank holidays where these fall within your rota) as part of a 24/7 operational team.

Principal Duties and Responsibilities

  • Monitor and identify cyber security threats and SIEM alerts that pose, or may pose, a risk to clients.
  • Triage alerts across a wide range of security controls and determine urgency, escalating to Tier 2 where appropriate.
  • Ensure investigation steps are clearly documented and escalated accurately when required.
  • Provide Tier 1 resolution for basic security incidents, including initial reporting, follow‑ups, and requests for further information or action.
  • Communicate directly with CyberClan customers regarding security incidents, emerging threats, and related matters.
  • Produce and maintain documentation relevant to the SOC and the role.
  • Contribute to continual improvement of the SOC knowledge base.
  • Collaborate with CyberClan’s global teams during incident response activities.
  • Support research into global security events, issues, and trends, producing advisories for customers where relevant.
  • Manage and configure security monitoring tools.
  • Investigate intrusion attempts and conduct in‑depth exploit analysis.
  • Perform cyber threat research and analysis to strengthen network security.
  • Assist in defining, testing, and operating new processes or technologies introduced to the SOC.
  • Provide analytical insights on client network traffic patterns relating to malware and other threats.
  • Manage and update service requests and incidents to ensure Service Level Agreements (SLAs) are met.
  • Continuously develop technical and personal skills and support the development of colleagues.
  • Proactively contribute to business KPIs.
  • Adhere to all Information Security and company policies.
  • Engage with strategic incident response and threat intelligence partners.
  • Undertake additional responsibilities, training, and tasks as reasonably requested by line management.
  • Conduct periodic assurance reviews and produce associated reports.
  • Participate in internal security awareness initiatives and training programmes.

Person Specification

Qualifications

  • Bachelor’s degree in a relevant field (e.g., Computer Science, Information Technology, Cyber Security) or equivalent professional experience.
  • Security+ or equivalent certification (e.g., CompTIA CySA+, GSEC).
  • ITIL Foundation certification.

Skills, Knowledge, and Experience

  • Experience using SOC tooling to identify and analyse threats.
  • Familiarity with collaboration tools.
  • Strong analytical mindset and structured approach to problem‑solving.
  • Previous SOC analysis experience is advantageous.
  • Willingness to share expertise and support team knowledge growth.
  • Understanding of IT systems, networking, and the wider threat landscape, including:
      ◦ Network fundamentals (OSI model, TCP/IP, DNS, HTTPS, firewall logs).
      ◦ Cloud platforms (AWS, Google Cloud, Azure).
      ◦ Active Directory, Group Policies, PowerShell.
      ◦ Endpoint protection technologies (AV, web filtering, ATP, encryption).
      ◦ IDS/IPS systems.
      ◦ SIEM platforms.
      ◦ SOAR experience is an advantage.
  • Understanding of malware capabilities, attack vectors, and impacts.

Organization: Cyber Clan
Industry: IT / Telecom / Software Jobs
Occupational Category: SOC Analysts
Job Location: London, UK
Shift Type: Morning
Job Type: Full Time
Gender: No Preference
Career Level: Intermediate
Experience: 2 Years
Posted at: 2026-04-24 4:12 pm
Expires on: 2026-06-08