Security Analyst

• Monitor and triage security alerts between 8:00 AM and 5:00 PM (UK time), ensuring timely prioritization and escalation of high and critical severity threats in accordance with defined SLAs

• Participate in a 24/7 on-call rotation (approximately one week every 4–5 weeks), with the expectation of rapid response to incidents

• 6–24 months of SOC experience in real-time monitoring and incident response

• Hands-on experience with Splunk Cloud SIEM (alert triage, rule tuning, analytics)

• Experience with EDR, Email Security, and vulnerability management

• Familiarity with CASB/DLP and Web Application Firewalls

• Knowledge of cloud security best practices

• Bachelor’s degree in Cybersecurity, Computer Science, IT, or equivalent

• 2–3 years of SOC L1/L2 experience in real-time monitoring and incident response

• Strong experience with Splunk (including SPL for advanced queries and automation)

• Hands-on experience with tools such as SentinelOne, Cylance, Mimecast, Netskope, Fastly WAF/CDN, Tenable, SOCRadar, KnowBe4, Jira, Slack/MS Teams, and PagerDuty

• Experience developing and tuning SIEM detection rules and incident response playbooks