CareerAddict

SOC Analyst (Tier 2)

Sanderson Recruitment Plc

Posted on Apr 17, 2025 by Sanderson Recruitment Plc
Glasgow, Lanarkshire, United Kingdom
IT
Immediate Start
£40k - £48k Annual
Full-Time

-SOC Analyst (Tier 2)
-Glasgow
-£40,000 - £48,000 per annum
-ASAP Start

Our market-leading global client requires a SOC Analyst (Tier 2) with a breadth of experience across Cyber Security to join the team, throughout an exciting period of Change & Innovation. The role will be working with a global IT & Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale.

This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organisation.

The role is crucial in the investigation, triage, and response to cyber incidents while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst will work closely with Senior and Junior Analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions.

This is a full-time, on-site role covering a 24x7 shift pattern, which will come with a shift allowance. Candidates will be required to have active SC clearance, moving to DV clearance, and must have at least 6 months' working experience in SIEM technologies.

Responsibilities:

  • Conduct escalated triage and analysis on security events identified by Tier 1 Analysts
  • Apply expertise in SIEM solutions utilising Kusto Query Language (KQL)
  • Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action
  • Monitor the threat landscape and document findings on evolving threat vectors
  • Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes
  • Co-ordinate with Tier 3 Analysts and management to refine detection and response workflows
  • Collaborate with Tier 3 Analysts on tuning SIEM and detection tools to reduce false positives and improve alert fidelity
  • Identify gaps in current detection content and work with Senior Analysts to develop and validate new detection rules
  • Act as a mentor to Tier 1 Analysts and facilitate on-the-job training to elevate their technical skills and operational efficiency
  • Assist in training sessions and knowledge-sharing activities, providing feedback on areas for growth and contributing to a supportive learning environment within the SOC.

Knowledge and Skills:

  • Understands advanced networking concepts, including IP addressing and basic network protocols
  • Advanced knowledge of Windows and Linux operating environments
  • Competence in using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis
  • Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively.
  • Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information.
  • Able to communicate clearly and efficiently with team members and stakeholders
  • Can communicate simple technical issues to non-technical individuals in a clear and understandable way.
  • Able to create concise, structured reports
  • Able to function efficiently during high-pressure situations

The above is not exhaustive. To discuss this opportunity in more detail, please forward your CV to (see below)


Reference: 2934193907

https://jobs.careeraddict.com/post/102969839

This Job Vacancy has Expired!
