Senior SOC Analyst x 2

Senior SOC Analyst x 2 - £615 per day - Inside IR35 - Remote - contract until end of March 2026 - Candidates with active SC clearance or those with a recently lapsed clearance will be prioritised.

Our client, one of the UKs largest producers of zero carbon energy, is looking for 2 Senior SOC Analysts to join their Security Operations Centre.

This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high-profile environment.

The Role -

The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier 1 and Tier 2 analysts and managing the most complex security incidents. You will lead deep-dive investigations, improve detection and response processes, and play a key role in stakeholder engagement.

Key responsibilities include:

• Analysing advanced security incidents, determining root cause and attack paths.
• Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms.
• Producing clear, business-focused incident reports and updates for senior stakeholders.
• Advising on SOC tooling and ensuring effective integration of incident response requirements.
• Supporting security exercises, crisis response, and compliance alignment with industry frameworks.

Candidate Profile -

The successful candidate will bring:

• Significant experience in SOC operations and cyber incident response.
• Strong knowledge of adversary TTPs and frameworks such as MITRE ATT&CK.
• Hands-on skills in log analysis, anomaly detection, and incident remediation.
• Experience working in traditional IT and cloud (Azure and/or AWS) environments.
• Strong communication skills with the ability to translate technical threats into business terms.

Tools & Technologies -

You will work with a modern SOC technology stack, including:

• SIEM: Microsoft Sentinel
• EDR/XDR: Microsoft Defender for Endpoint
• Threat Intel: Recorded Future
• Network Analysis: Wireshark / tcpdump
• SOAR & Automation: Palo Alto Cortex XSOAR, ServiceNow SecOps
• Vulnerability Management: Tenable Nessus / Tenable.io
• Other nice to have tools: Shodan, Censys, BloodHound, Metasploit, Cobalt Strike, MITRE ATT&CK Navigator
• Cloud Security (advantageous): AWS GuardDuty, Security Hub, CloudTrail, Detective, Macie, Config, Inspector, VPC Flow Logs

Security clearance -

Due to the nature of this role, Security Check (SC) clearance is required. Candidates with active SC clearance or those with a recently lapsed clearance will be prioritised during the shortlisting process.