
SOC Analyst (Level 2)

United States; Spain; Belgium; United Kingdom; France; Poland; Italy; Netherlands; Germany; Portugal; Ireland; Remote · Job posted February 18, 2026

Job Description

As a SOC Analyst (Level 2), you are the escalation point for complex investigations and active incidents. You’ll take ownership of high-severity alerts, lead technical triage through containment, and coordinate with Incident Response, Cloud/Platform, Identity, and Engineering teams. You’ll also improve SOC quality by tuning detections, refining playbooks, mentoring Level 1 analysts, and driving post-incident learnings into better controls.

Job Responsibility

  • Advanced detection and investigation
  • Incident response and containment
  • Threat intelligence and adversary tradecraft
  • Detection engineering and SOC improvement
  • Operational leadership

Requirements

  • 2–5+ years of SOC / incident response / security operations experience (or equivalent hands-on experience in a fast-paced production environment)
  • Strong ability to investigate across cloud security operations, endpoint security, identity, and core network fundamentals
  • Proficiency with at least one SIEM and common SOC tooling (e.g., Splunk/Elastic/Sentinel; CrowdStrike/Defender; Jira/ServiceNow)
  • Ability to write clear incident documentation: timelines, scope, impact, containment actions, and recommended remediations
  • Comfort operating in an on-call or shift environment (depending on coverage model)

Nice to have

  • Detection engineering experience: correlation rules, Sigma/KQL/SPL, alert pipelines, SOAR automation
  • DFIR fundamentals: triage acquisition, volatile vs. non-volatile evidence, endpoint artifact analysis
  • Container/Kubernetes logging and runtime security exposure
  • Practical scripting (Python/Bash) for analysis and automation
  • Digital-asset ecosystem exposure and 24/7 trading operations familiarity
  • Certifications (optional): GCIH, GCIA, GCED, SC-200, AWS Security Specialty, or equivalent


Similar Jobs for SOC Analyst (Level 2)

8 matching positions

Senior SOC Analyst Level 2

Senior SOC Analyst Hemel Hempstead, UK | Fully On-Site 24/7 Shift Pattern Up to ...
Location: United Kingdom, Hemel Hempstead
Salary: 50000.00 - 58000.00 GBP / Year
Fynity
Expiration Date: Until further notice
Requirements
  • Proven experience working in a Security Operations Centre (SOC)
  • Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar)
  • Strong understanding of MITRE ATT&CK and modern detection techniques
  • Confident analysis across logs, endpoints and network traffic
  • Solid knowledge of core networking protocols (TCP/IP, DNS, HTTP, SMTP)
  • Awareness of enterprise security tooling (firewalls, AV, VPNs, IDS/IPS)
  • Eligibility for DV Clearance (sole British National, UK resident for the past 10 years)
Job Responsibility
  • Monitoring, triaging and investigating security alerts in highly secure environments
  • Analysing threats using SIEM, endpoint telemetry, network traffic and logs
  • Supporting live incident response, escalation and containment activities
  • Enhancing detections, rules and playbooks aligned to MITRE ATT&CK
  • Producing clear, high-quality incident reports for both technical and senior stakeholders
  • Contributing to threat intelligence and proactive defence initiatives
  • Staying ahead of emerging TTPs, tooling and adversary behaviour
What we offer
  • 20% Shift Allowance
  • Fulltime

SOC Analyst (Level 1)

As a SOC Analyst (Level 1), you are the first line of defense for monitoring, tr...
Salary: Not provided
Keyrock
Expiration Date: Until further notice
Requirements
  • 0–2 years in a SOC / security monitoring / IT operations role (or equivalent hands-on experience, internships, labs)
  • Practical knowledge of security fundamentals: networking, DNS, HTTP(S), identity/authentication, and malware basics
  • Familiarity with log investigation and event triage concepts
  • Familiarity with common security tools and workflows (any of the following): SIEM (Splunk/Elastic/Sentinel), EDR (CrowdStrike/Defender), ticketing (Jira/ServiceNow), basic SOAR concepts
  • Strong written communication: produce clear, escalation-ready tickets and timelines
  • Ability to work rotating shifts/on-call (as required), including weekends/holidays depending on coverage model
Job Responsibility
  • 24/7 monitoring and alert triage across SIEM/EDR/cloud security tooling; identify false positives vs. credible threats and set appropriate severity
  • Initial investigation and enrichment: gather relevant logs/telemetry, add context, and document findings clearly in the case/ticketing system
  • Escalation and coordination: escalate confirmed/suspected incidents quickly and cleanly to L2/IR with a complete handoff (timeline, scope, IOCs, actions taken)
  • Runbook execution: follow SOPs for common events (phishing, suspicious logins, endpoint detections, cloud key/token risk, malware alerts, data exfiltration signals), including containment actions you’re authorized to perform
  • Threat-aware analysis: map alerts to adversary behaviors (e.g., MITRE ATT&CK techniques) to improve understanding and escalation quality
  • Operational hygiene: maintain accurate shift handovers, update watchlists and investigation notes, and identify recurring alert patterns for tuning recommendations
What we offer
  • Work in a fast-moving, globally distributed environment shaping the future of digital financial markets
  • A culture that expects ownership, learning, and continuous improvement
  • Fulltime

SOC Analyst

SOC Analyst – SC Cleared – 12 Month Contract – Hereford
Location: United Kingdom, Hereford
Salary: 55.00 - 75.00 GBP / Hour
Morson Talent
Expiration Date: Until further notice
Requirements
  • Previous experience in a SOC, IT Operations, or security support role
  • Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation
  • Working knowledge of network fundamentals, Windows/Linux system logs and authentication systems
  • Working knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, QRadar)
  • Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001)
Job Responsibility
  • Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact
  • Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts)
  • User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g. asset isolation, password reset)
  • Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation
  • Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements
  • Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness
  • Playbook Execution: Follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies
  • Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisation's threat landscape

Apprentice SOC Analyst

We have an exciting opportunity for an Apprentice SOC Analyst to join our growin...
Location: United Kingdom, Reading
Salary: Not provided
FSP
Expiration Date: Until further notice
Requirements
  • A-levels (or equivalent)
  • Must hold GCSEs at Level 2 or above in both English and Maths
  • Genuine interest in starting a career in cyber security
  • Curious and analytical
  • Detail-focused
  • Comfortable working through problems in a structured and logical way
  • Well organised and dependable
  • Motivated to build both technical knowledge and practical workplace skills over time
  • Strong alignment with FSP values and ethos
  • Commitment to teamwork, quality and mutual success
Job Responsibility
  • Monitor and triage security alerts across our customers’ environments under the guidance of senior analysts
  • Assist in initial investigation of incidents, gathering evidence and documenting activity
  • Learn how to detect and analyse common cyber threats, risks and vulnerabilities
  • Develop skills in security tooling, with a focus on Microsoft security technologies
  • Support improvements to SOC playbooks, documentation and reporting
  • Help maintain accurate records of incidents to ensure high quality service delivery
  • Contribute to team discussions, knowledge sharing, and continuous improvement
  • Stay informed about new security threats, technologies and best practices as part of your apprenticeship learning
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry
  • Hybrid working
  • Industry leading coaching and mentoring
  • Competitive salary and an excellent benefits package
  • Fulltime

SOC Analyst L1

Join NTT DATA as a SOC Analyst (L1) in Birmingham, where you'll monitor and inve...
Location: United Kingdom, Birmingham
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Willingness to work in a job that involves 24/7 operations onsite in Birmingham; this will probably be 4 days on, 4 days off
  • Preferably be able to obtain SC Clearance or already hold SC clearance
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
  • Must have expertise on TCP/IP network traffic and event log analysis
  • Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool)
  • Must have administrative skills in several operating systems, such as Windows, OS X, and Linux
  • Must be proficient in basic shell scripting, creating Snort rules, or other log-searching query languages and methods
  • Must be confident to handle common security incidents independently
Job Responsibility
  • Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks / security incidents
  • Categorise all suspected incidents in line with the Security Incident policy
  • Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information
  • Write up high quality security incident tickets using a combination of existing knowledge resources and independent research
  • Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks
  • Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review
  • Understand Threat Intelligence and its use in an operational environment
  • Threat Hunting and the ability to look for attacks that may not have been captured
  • Support incident response to national scale incidents in a coaching capacity
  • Support in the development and implementation of SOC Use Cases
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options
  • Fulltime

SOC Analyst Senior Cyber Security Engineer

Position: SOC Analyst Senior Cyber Security Engineer. Experience: 2 to 4 yrs. Lo...
Location: India, Noida
Salary: Not provided
Sopra Steria
Expiration Date: Until further notice
Requirements
  • Minimum 2 years' experience working in a security operations environment, or 2 years' experience in IT operations (Data Centre, SOC/NOC)
  • Very good English verbal & written communication skills
  • Good understanding of networking concepts and operating systems
  • Good understanding of key customer infrastructure components - Proxy, Firewall, Antivirus
  • Technical capability and maturity to assist and guide the team of Analysts
  • Should have worked with and have a good understanding of the following security tools: SentinelOne IR, ServiceNow, Microsoft Defender
  • Ability to learn new skills, adopt new technologies and work collaboratively in an international context
  • Capability to understand and work in a complex environment and concern for quality and detail
  • Ability to synthesize and analyze a variety of contexts and manage customer confidentiality
  • Knowledge on ITIL basic practice
Job Responsibility
  • Ensure all threats in the customer environment are detected and notified in a timely manner
  • Continuous review of Incidents to ensure compliance with standard operating procedures
  • Provide training and feedback to Security Analysts to ensure high quality deliverables
  • Identify and execute continuous improvements in monitoring including threat scenarios and operating procedures
  • Interact with customers on queries and improvements related to service deliverables
  • Should know and be able to contribute to MSSP (Managed Security Services Provider) services
  • Perform root cause analysis for any errors /deficiencies pointed out in the monitoring service
  • Review alerts to determine relevancy and urgency, and create new trouble tickets for incidents
  • Ensure thorough knowledge of the protection of Personally Identifiable Information and GDPR

SOC Analyst (L1)

The Security Managed Services Engineer (L1) is an entry-level position responsib...
Location: India, New Delhi
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • BE/BTech in Electronics/EC/EE/CS/IT Engineering
  • At least one security certification such as CCNA Security, CCSA, CEH, CompTIA
  • Minimum 2 years of experience in handling security-related products & services, preferably including a SIEM solution
  • Adequate knowledge of security devices like firewalls, IPS, Web Application Firewall, DDOS, EDR, Incident response, SOAR and other security devices
  • Knowledge of packet level analysis
  • Knowledge of networking protocols and technologies and network security
  • Sound analytical and troubleshooting skills
Job Responsibility
  • Monitors client infrastructure and solutions
  • Identifies problems and errors prior to or when they occur
  • Routinely identifies common incidents and opportunities for avoidance as well as general opportunities for incident reduction
  • Investigates first line incidents assigned and identifies the root cause of incidents and problems
  • Provides telephonic or chat support to clients when required
  • Schedules maintenance activity windows for patching and configuration changes
  • Follows the required handover procedures for shift changes to ensure service continuity
  • Reports and escalates incidents where necessary
  • Ensures the efficient and comprehensive resolution of incidents and requests
  • Updates existing knowledge articles or creates new ones
  • Fulltime

SOC Analyst

The Security Managed Services Engineer (L1) is an entry level engineering role, ...
Location: India, New Delhi
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • BE/BTech in Electronics/EC/EE/CS/IT Engineering
  • At least one security certification such as CCNA Security, CCSA, CEH, CompTIA
  • Minimum 2 years of experience in handling security-related products & services, preferably including a SIEM solution
  • Adequate knowledge of security devices like firewalls, IPS, Web Application Firewall, DDOS, EDR, Incident response, SOAR and other security devices
  • Knowledge of packet level analysis
  • Knowledge of networking protocols and technologies and network security
  • Sound analytical and troubleshooting skills
Job Responsibility
  • Monitors client infrastructure and solutions
  • Identifies problems and errors prior to or when they occur
  • Routinely identifies common incidents and opportunities for avoidance as well as general opportunities for incident reduction
  • Investigates first line incidents assigned and identifies the root cause of incidents and problems
  • Provides telephonic or chat support to clients when required
  • Schedules maintenance activity windows for patching and configuration changes
  • Follows the required handover procedures for shift changes to ensure service continuity
  • Reports and escalates incidents where necessary
  • Ensures the efficient and comprehensive resolution of incidents and requests
  • Updates existing knowledge articles or creates new ones
  • Fulltime