Job Title:
Senior SOC Analyst Level 3. Microsoft Security stack | Ability to achieve SC Clearance

Location:
Hybrid remote | London / Berkshire

Overview:
Senior SOC Analyst Level 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting / triage, incident response etc with a strong focus on the Microsoft Security Stack.

Key Responsibilities:

Lead and resolve complex security incidents / escalations
Conduct advanced threat hunting using the Microsoft Security Stack.
Build, optimise and maintain workbooks, rules, analytics etc.
Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel.
Perform root cause analysis and post-incident reporting.
Aid in mentoring and upskilling Level 1 and 2 SOC analysts.

Required Skills & Experience:

The ability to achieve UK Security Clearance (SC) – existing clearance ideal. (Sorry no visa applications)
Current experience working with a SOC environment

Microsoft Sentinel:

Development and tuning of custom analytic rules.
Workbook creation and dashboarding.
Automation using Playbooks and SOAR integration.

Kusto Query Language (KQL):

Writing complex, efficient queries for advanced threat hunting and detection.
Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents).
Developing custom detection rules, optimising performance, and reducing false positives.
Supporting Sentinel Workbooks, Alerts, and Playbooks through advanced KQL use.

Deep understanding of incident response, threat intelligence and adversary techniques (MITRE ATT&CK framework).
Strong knowledge of cloud and hybrid security, particularly within Azure.

Additional Requirements:

Must hold or be eligible to achieve a minimum of Security Clearance (SC) level.
Nice to have certifications (e.g., SC-200, AZ-500, GIAC) are desirable.
Strong problem-solving and analytical skills.
Excellent communication for clear documentation and team collaboration.
Please follow Wheaton’s Law.