# Senior SOC Analyst

**Company:** [Focus Group](http://jobs.workable.com/companies/j6TQo4sVqdUNdqSiMkwWkZ.md)
**Location:** Manchester, United Kingdom
**Workplace:** hybrid
**Employment type:** Full-time
**Department:** Operations

[Apply for this job](http://jobs.workable.com/view/3461a4af-7add-42cc-9ee5-56d8ed3fc5c1)

## Description

### Senior SOC Analyst

**UK • Hybrid - 3 days a week in our Manchester office** (Suite B, Maple Court, M60 Office Park, Wynne Ave, Swinton, Clifton, Manchester, M27 8FF)

**£50-£55k (Dependent on experience) + benefits**

Focus Group is looking for a **Senior SOC Analyst** to play a key role within our Managed Security Services team. This is a dual‑focused position combining hands‑on technical expertise with day‑to‑day operational leadership, ensuring high‑quality delivery of managed detection and response services across a diverse customer base.

You’ll lead SOC operations, act as the escalation point for complex security incidents, and mentor junior analysts—driving both service excellence and team development.

### What you’ll do

-   Lead day‑to‑day SOC operations, ensuring effective triage, escalation, and communication workflows
-   Act as the primary escalation point for complex security investigations and incidents
-   Conduct advanced threat investigations across endpoints, networks, and cloud environments
-   Perform proactive threat hunting and detection tuning to improve coverage and reduce noise
-   Manage and mentor Tier 1–2 analysts, supporting development and technical growth
-   Ensure ticket quality, SLA adherence, and high service standards across SOC operations
-   Support onboarding of new customers into monitoring and detection platforms
-   Collaborate with Cyber Security leadership to improve detection strategy and SOC maturity
-   Analyse logs and security data to identify malicious or suspicious activity
-   Develop and maintain playbooks, runbooks, and knowledge base content
-   Produce clear, actionable incident reports for internal and customer stakeholders
-   Engage directly with customers during escalations, incident reviews, and briefings
-   Identify opportunities for automation, process improvement, and enhanced detection capabilities
-   Stay up to date with emerging threats, attack techniques, and MITRE ATT&CK developments

### What you’ll bring

-   4–6 years’ experience in a SOC or MSSP environment at Tier 2–3 or Lead level
-   Strong hands‑on experience with SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, LogPoint)
-   Experience with EDR tools such as Microsoft Defender, SentinelOne, or Bitdefender
-   Deep understanding of MITRE ATT&CK and modern threat detection methodologies
-   Strong incident response, investigation, and log analysis capability across multiple data sources
-   Ability to lead during high‑pressure incidents with calm, confident decision‑making
-   Strong communication skills, including producing clear incident reports and updates
-   Proven ability to mentor, coach, and support junior analysts
-   Organised approach with the ability to manage multiple concurrent incidents
-   Proactive mindset focused on continuous improvement and service optimisation

### Nice to have

-   Certifications such as SC‑200, GCIH, GCIA, Security+, or BTL1
-   Experience in an MSSP or multi‑customer environment
-   Microsoft security stack experience (Defender XDR, Sentinel, M365 security)
-   Knowledge of cloud security, email security, and vulnerability management
-   Experience with KQL or other query languages
-   Scripting skills (PowerShell, Python)
-   Familiarity with SOAR and threat intelligence platforms
-   Understanding of compliance frameworks (ISO 27001, NIST, Cyber Essentials)

### Future opportunities

-   SOC Manager / Head of Security Operations
-   Cyber Security Technical Lead
-   Detection Engineering Lead
-   Threat Intelligence Lead
-   Incident Response Manager
-   Security Consultant / Advisory
