CareerAddict

AI SOC Analyst

Posted on Jul 2, 2026 by Talent Smart Limited
Sheffield, Yorkshire, United Kingdom
IT
27 Jul 2026
£575 - £575 Daily
Contract/Project

Security Operations Centre (SOC) Analyst - AI Security

Location: Sheffield (Hybrid - 2 days per week onsite)
Contract: 6 months (Inside IR35)
Day Rate: £575

Overview

A leading Tier 1 financial services organisation is seeking an experienced Security Operations Centre (SOC) Analyst to join a growing AI Security function responsible for protecting the organisation's adoption of enterprise AI technologies.

As organisations increasingly leverage Large Language Models (LLMs) such as Claude Code to improve software engineering and business productivity, ensuring these platforms remain secure is critical. This role will focus on monitoring, detecting, investigating, and responding to security events associated with AI-assisted development, while helping to build the next generation of AI-specific security operations capabilities.

Working within the SOC, you will collaborate closely with Cyber Defence, Security Engineering, Threat Intelligence, and AI Governance teams to develop detection capabilities, improve incident response, and protect the organisation against emerging AI-related threats.

Key Responsibilities

  • Monitor, investigate, and respond to security events generated through enterprise AI platforms, including Claude Code.
  • Monitor SIEM dashboards and alerts for AI-related security events, including unusual prompt activity, authentication anomalies, DLP alerts, and suspicious API usage.
  • Investigate and triage security incidents, determining severity and escalating confirmed threats through established incident response processes.
  • Develop, tune, and optimise SIEM detection rules for AI-specific attack scenarios including:
    • Prompt injection attempts
    • Data exfiltration
    • Credential misuse
    • API abuse
    • Abnormal AI usage patterns
  • Conduct daily security log analysis and audit reviews across AI-enabled services.
  • Produce weekly operational metrics, dashboards, and threat reporting.
  • Support AI-focused incident response exercises, simulations, and tabletop scenarios.
  • Develop and maintain SOC playbooks and operational runbooks for AI security incidents.
  • Work with Security Engineering teams to continuously improve monitoring coverage and detection capability.
  • Contribute to the development of security controls supporting enterprise AI adoption.

Essential Skills & Experience

  • Minimum 3 years' experience within a Security Operations Centre (SOC), Cyber Defence, or Security Monitoring environment.
  • Strong experience using enterprise SIEM platforms including:
    • Splunk
    • Microsoft Sentinel
    • IBM QRadar
  • Excellent security event investigation and threat analysis skills.
  • Experience creating and tuning SIEM detection rules.
  • Good understanding of the MITRE ATT&CK Framework.
  • Experience analysing web traffic, APIs, authentication events, and application security logs.
  • Strong understanding of security incident life cycle and SOC operations.
  • Excellent analytical and problem-solving skills.

Desirable Skills

  • Experience securing AI or Large Language Model (LLM) environments.
  • Understanding of AI attack techniques including:
    • Prompt Injection
    • Data Leakage
    • Model Misuse
    • Jailbreaking
    • AI Supply Chain Risks
  • Knowledge of Claude Code, GitHub Copilot, Microsoft Copilot, ChatGPT Enterprise, or similar AI platforms.
  • Experience with SOAR technologies including:
    • Splunk SOAR
    • Palo Alto Cortex XSOAR
  • Experience with DLP technologies and cloud security monitoring.
  • Understanding of Secure Software Development and DevSecOps practices.

Qualifications

  • Security+, CySA+, GSEC, or equivalent cybersecurity certification.
  • SIEM vendor certifications desirable.
  • Cloud security certifications (AWS, Azure, GCP) advantageous.

Personal Attributes

  • Curious about emerging AI technologies and their security implications.
  • Strong analytical mindset with excellent investigative skills.
  • Calm and methodical during security incidents.
  • Collaborative team player who enjoys working across Cyber, Engineering, and Technology teams.
  • Passionate about continuous learning and improving security operations.

Reference: 3132203094

https://jobs.careeraddict.com/post/113500616
