Senior Security Analyst
- Reading (hybrid)
- £50,000 – £60,000 per annum
- Permanent - Full time
We’re working with a well-established managed services organisation in Reading to find a Senior Security Analyst to join their growing SOC function. This is a hands-on role for someone who genuinely enjoys the detection-and-response side of security – not just monitoring alerts, but tuning the rules behind them, automating the boring bits, and hunting for the threats nobody’s noticed yet.
You’ll be at the sharp end of incident response, working across SIEM, EDR and XDR platforms, with real ownership over the full incident lifecycle from triage through to closure.
What you’ll be doing:
- Owning security incidents end-to-end – triage, investigation, remediation, closure
- Running advanced investigations across SIEM, EDR and XDR platforms
- Designing and tuning SIEM detection rules to cut down false positives
- Mapping detection and response work against the MITRE ATT&CK framework
- Building automated security workflows using tools like Logic Apps, Python and APIs
- Proactively threat hunting using behavioural analytics and threat intelligence
- Monitoring and responding to security events across Azure, Microsoft 365 and AWS
- Investigating identity-based threats – suspicious sign-ins, privilege escalation, that kind of thing
- Supporting endpoint security (EDR, AV, patching)
- Acting as an escalation point for complex or high-risk incidents
- Supporting ISO 27001 and Cyber Essentials compliance
- Mentoring junior analysts and the wider service desk team
What you’ll bring:
- Solid experience in a Security Operations or SOC environment
- Hands-on experience with SIEM, EDR and SOAR platforms
- Proven detection engineering and SIEM rule-tuning experience
- Strong grasp of MITRE ATT&CK and similar threat frameworks
- Experience automating processes with Python, Logic Apps or APIs
- Comfortable investigating incidents across cloud, identity and endpoint environments
- Experience with platforms like Microsoft Sentinel, Defender XDR, CrowdStrike or similar
- Knowledge of Azure/AWS security monitoring
- Understanding of ISO 27001 and Cyber Essentials
- CISSP or similar certification desirable but not essential