SOC Analyst (Level 2)

Keyrock

Location:
United States; Spain; Belgium; United Kingdom; France; Poland; Italy; Netherlands; Germany; Portugal; Ireland; Remote

Contract Type:
Not provided

Salary:

Not provided

Job Description:

As a SOC Analyst (Level 2), you are the escalation point for complex investigations and active incidents. You’ll take ownership of high-severity alerts, lead technical triage through containment, and coordinate with Incident Response, Cloud/Platform, Identity, and Engineering teams. You’ll also improve SOC quality by tuning detections, refining playbooks, mentoring Level 1 analysts, and driving post-incident learnings into better controls.

Job Responsibility:

  • Advanced detection and investigation
  • Incident response and containment
  • Threat intelligence and adversary tradecraft
  • Detection engineering and SOC improvement
  • Operational leadership

Requirements:

  • 2–5+ years of SOC / incident response / security operations experience (or equivalent hands-on experience in a fast-paced production environment)
  • Strong ability to investigate across cloud security operations, endpoint security, identity, and core network fundamentals
  • Proficiency with at least one SIEM and common SOC tooling (e.g., Splunk/Elastic/Sentinel, CrowdStrike/Defender, Jira/ServiceNow)
  • Ability to write clear incident documentation: timelines, scope, impact, containment actions, and recommended remediations
  • Comfort operating in an on-call or shift environment (depending on coverage model)

Nice to have:

  • Detection engineering experience: correlation rules, Sigma/KQL/SPL, alert pipelines, SOAR automation
  • DFIR fundamentals: triage acquisition, volatile vs. non-volatile evidence, endpoint artifact analysis
  • Container/Kubernetes logging and runtime security exposure
  • Practical scripting (Python/Bash) for analysis and automation
  • Digital-asset ecosystem exposure and 24/7 trading operations familiarity
  • Certifications (optional): GCIH, GCIA, GCED, SC-200, AWS Security Specialty, or equivalent

Additional Information:

Job Posted:
February 18, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Similar Jobs for SOC Analyst (Level 2)

SOC Cyber Analyst

BAE Systems are seeking a Level 1 SOC Cyber Analyst to join the TMCT security te...
Location:
United Kingdom, Hereford
Salary:
55.90 GBP / Hour
Outsource UK
Expiration Date:
Until further notice
Requirements:
  • 2–4 years’ experience in a SOC, IT operations or cybersecurity support role
  • Understanding of key cyber threats such as malware, phishing, lateral movement and privilege escalation
  • Working knowledge of network fundamentals, authentication systems and Windows/Linux system logs
  • Experience using SIEM platforms such as Microsoft Sentinel, Splunk, Elastic or QRadar
  • Experience using ticketing or case management systems such as Jira, ServiceNow or The Hive
  • Strong analytical and investigative skills with the ability to interpret alerts and security logs
  • Excellent written and verbal communication skills
  • Must be eligible for SC and DV clearance
Job Responsibility:
  • Review and assess alerts escalated by the outsourced SOC, validating accuracy and determining potential impact
  • Perform first-line analysis using tools such as SIEM platforms, device logs and firewall logs
  • Work directly with end users and asset owners to gather additional information and guide immediate containment actions such as asset isolation or password resets
  • Escalate confirmed or high-severity incidents to Level 2 SOC analysts or internal response teams with clear and accurate documentation
  • Maintain detailed case notes, timelines and evidence within the case management system to support investigations and compliance requirements
  • Act as a key communication point between the internal security team and external SOC provider
  • Follow established triage and escalation procedures and suggest improvements where appropriate
Employment Type:
Fulltime

L3 Security Analyst

Join Vodafone’s Cyber Defence Operations Center of Excellence (CDO) and play a p...
Location:
United Kingdom, Newbury
Salary:
Not provided
Vodafone
Expiration Date:
Until further notice
Requirements:
  • Experienced SOC analyst (Level 2 or above) with at least 4 years in security event analysis and incident response
  • Strong technical knowledge of networking protocols, operating systems (Windows/Linux), and security technologies (SIEM, EDR, IDS/IPS, firewalls, proxies)
  • Hands-on experience with SIEM tuning and SOAR automation
  • Familiarity with frameworks like MITRE ATT&CK and cyber kill chain
  • Knowledge of cloud platforms (Azure, AWS, Google Cloud) and scripting/programming skills
  • Excellent analytical, communication, and collaboration skills, with the ability to explain technical concepts to non-technical audiences
  • Passion for continuous learning and professional development, ideally working toward certifications such as GCIA, GCIH, GCFA, GNFA, CEH, or ECSA
  • A proactive, disciplined approach and the ability to work independently or as part of a team in a fast-paced environment
Job Responsibility:
  • Investigate and validate threats using cutting-edge tools
  • Collaborate with global teams on incident investigations
  • Mentor colleagues to uplift skills across the CSOC
  • Fine-tuning SIEM systems and automating response actions
  • Delivering insightful security reports and advisories
What we offer:
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

SOC Analyst (Level 1)

As a SOC Analyst (Level 1), you are the first line of defense for monitoring, tr...
Salary:
Not provided
Keyrock
Expiration Date:
Until further notice
Requirements:
  • 0–2 years in a SOC / security monitoring / IT operations role (or equivalent hands-on experience, internships, labs)
  • Practical knowledge of security fundamentals: networking, DNS, HTTP(S), identity/authentication, and malware basics
  • Familiarity with log investigation and event triage concepts
  • Familiarity with common security tools and workflows (any of the following): SIEM (Splunk/Elastic/Sentinel), EDR (CrowdStrike/Defender), ticketing (Jira/ServiceNow), basic SOAR concepts
  • Strong written communication: produce clear, escalation-ready tickets and timelines
  • Ability to work rotating shifts/on-call (as required), including weekends/holidays depending on coverage model
Job Responsibility:
  • 24/7 monitoring and alert triage across SIEM/EDR/cloud security tooling; identify false positives vs. credible threats and set appropriate severity
  • Initial investigation and enrichment: gather relevant logs/telemetry, add context, and document findings clearly in the case/ticketing system
  • Escalation and coordination: escalate confirmed/suspected incidents quickly and cleanly to L2/IR with a complete handoff (timeline, scope, IOCs, actions taken)
  • Runbook execution: follow SOPs for common events (phishing, suspicious logins, endpoint detections, cloud key/token risk, malware alerts, data exfiltration signals), including containment actions you’re authorized to perform
  • Threat-aware analysis: map alerts to adversary behaviors (e.g., MITRE ATT&CK techniques) to improve understanding and escalation quality
  • Operational hygiene: maintain accurate shift handovers, update watchlists and investigation notes, and identify recurring alert patterns for tuning recommendations
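The triage-to-handoff workflow in the bullets above (separate false positives from credible threats, set a severity, map the behaviour to an ATT&CK technique, and escalate with a timeline, scope, IOCs and actions taken), together with the incident-documentation requirement in the Level 2 listing at the top of this page, as an added Python example. This is illustrative code written for this page, not Keyrock's tooling or runbook. The log line format, the failure threshold and window, the authorised-scanner allowlist, the containment actions an L1 is assumed to be authorised to take, and the sample log lines are all constructed assumptions.

```python
"""Added example: brute-force-then-success triage over constructed auth logs,
producing a verdict, severity, ATT&CK mapping and an L2 handoff record.
Not Keyrock's code; log format, thresholds and allowlist are assumptions."""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines (not real telemetry). The assumed format is
# "<iso-timestamp> <auth-fail|auth-ok> user=<name> src=<ip>".
SAMPLE_LOG = """\
2026-02-18T09:00:01Z auth-fail user=alice src=203.0.113.10
2026-02-18T09:00:03Z auth-fail user=alice src=203.0.113.10
2026-02-18T09:00:05Z auth-fail user=alice src=203.0.113.10
2026-02-18T09:00:07Z auth-fail user=alice src=203.0.113.10
2026-02-18T09:00:09Z auth-fail user=alice src=203.0.113.10
2026-02-18T09:00:12Z auth-ok user=alice src=203.0.113.10
2026-02-18T09:05:00Z auth-fail user=bob src=198.51.100.7
2026-02-18T09:05:01Z auth-fail user=bob src=198.51.100.7
2026-02-18T09:05:02Z auth-fail user=bob src=198.51.100.7
2026-02-18T09:05:03Z auth-fail user=bob src=198.51.100.7
2026-02-18T09:05:04Z auth-fail user=bob src=198.51.100.7
2026-02-18T09:10:00Z auth-fail user=carol src=192.0.2.5
2026-02-18T09:10:30Z auth-ok user=carol src=192.0.2.5
"""

# Assumed tuning knobs. The allowlist suppresses one known, authorised
# credential-audit scanner instead of loosening the rule for every source.
FAIL_THRESHOLD = 5        # failures needed inside one window
WINDOW_SECONDS = 60
AUTHORISED_SCANNERS = {"198.51.100.7"}

LINE_RE = re.compile(r"^(\S+) (auth-fail|auth-ok) user=(\S+) src=(\S+)$")


def parse(text):
    """Parse log lines into dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append({"ts": datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ"),
                       "result": m.group(2), "user": m.group(3), "src": m.group(4)})
    return events


def _burst(fails):
    """True if FAIL_THRESHOLD consecutive failures fall inside WINDOW_SECONDS."""
    for i in range(len(fails) - FAIL_THRESHOLD + 1):
        span = fails[i + FAIL_THRESHOLD - 1]["ts"] - fails[i]["ts"]
        if span.total_seconds() <= WINDOW_SECONDS:
            return True
    return False


def triage(text):
    """One finding per (src, user) pair that trips the rule."""
    groups = defaultdict(list)
    for e in parse(text):
        groups[(e["src"], e["user"])].append(e)
    findings = []
    for (src, user), evs in groups.items():
        evs.sort(key=lambda e: e["ts"])
        fails = [e for e in evs if e["result"] == "auth-fail"]
        if not _burst(fails):
            continue                       # below threshold: no alert at all
        success = next((e for e in evs if e["result"] == "auth-ok"
                        and e["ts"] > fails[0]["ts"]), None)
        techniques = ["T1110.001"]         # Brute Force: Password Guessing
        if src in AUTHORISED_SCANNERS:
            verdict, severity = "false_positive", "informational"
        elif success:
            verdict, severity = "credible", "high"
            techniques.append("T1078")     # Valid Accounts: a guess succeeded
        else:
            verdict, severity = "credible", "medium"
        findings.append({"src": src, "user": user, "events": evs,
                         "success_at": success["ts"] if success else None,
                         "verdict": verdict, "severity": severity,
                         "techniques": techniques})
    return findings


def handoff(f):
    """Escalation record for L2/IR: timeline, scope, IOCs, actions taken."""
    def fmt(t):
        return t.strftime("%Y-%m-%dT%H:%M:%SZ")
    actions = ["ticket opened", "source IP added to watchlist"]
    if f["verdict"] == "credible" and f["success_at"]:
        # Assumed L1-authorised containment for a confirmed account compromise.
        actions += ["password reset for %s" % f["user"], "active sessions revoked"]
    n_fail = sum(e["result"] == "auth-fail" for e in f["events"])
    return {
        "summary": "%s: %d failed logins then %s for %s from %s" % (
            f["severity"].upper(), n_fail,
            "success" if f["success_at"] else "no success", f["user"], f["src"]),
        "timeline": ["%s %s %s" % (fmt(e["ts"]), e["result"], e["user"])
                     for e in f["events"]],
        "scope": {"users": [f["user"]], "sources": [f["src"]]},
        "iocs": [f["src"]],
        "attack": f["techniques"],
        "actions_taken": actions,
    }
```

Running `handoff(f)` for each `f` in `triage(SAMPLE_LOG)` yields two findings: the alice burst followed by a success is rated high and escalated with both T1110.001 and T1078, the bob burst from the allowlisted scanner is kept as an informational false positive, and carol's single failure never trips the rule. Tuning lives in the allowlist and thresholds, so a recurring benign source can be suppressed without touching the detection logic, which is the pattern the "identify recurring alert patterns for tuning recommendations" bullet points at.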
What we offer:
  • Work in a fast-moving, globally distributed environment shaping the future of digital financial markets
  • A culture that expects ownership, learning, and continuous improvement
Employment Type:
Fulltime

Senior SOC Analyst Level 2

Senior SOC Analyst Hemel Hempstead, UK | Fully On-Site 24/7 Shift Pattern Up to ...
Location:
United Kingdom, Hemel Hempstead
Salary:
50000.00 - 58000.00 GBP / Year
Fynity
Expiration Date:
Until further notice
Requirements:
  • Proven experience working in a Security Operations Centre (SOC)
  • Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar)
  • Strong understanding of MITRE ATT&CK and modern detection techniques
  • Confident analysis across logs, endpoints and network traffic
  • Solid knowledge of core networking protocols (TCP/IP, DNS, HTTP, SMTP)
  • Awareness of enterprise security tooling (firewalls, AV, VPNs, IDS/IPS)
  • Eligibility for DV Clearance (sole British National, UK resident for the past 10 years)
Job Responsibility:
  • Monitoring, triaging and investigating security alerts in highly secure environments
  • Analysing threats using SIEM, endpoint telemetry, network traffic and logs
  • Supporting live incident response, escalation and containment activities
  • Enhancing detections, rules and playbooks aligned to MITRE ATT&CK
  • Producing clear, high-quality incident reports for both technical and senior stakeholders
  • Contributing to threat intelligence and proactive defence initiatives
  • Staying ahead of emerging TTPs, tooling and adversary behaviour
What we offer:
  • 20% Shift Allowance
Employment Type:
Fulltime

Apprentice SOC Analyst

We have an exciting opportunity for an Apprentice SOC Analyst to join our growin...
Location:
United Kingdom, Reading
Salary:
Not provided
FSP
Expiration Date:
Until further notice
Requirements:
  • A levels (or equivalent)
  • Must hold GCSEs at Level 2 or above in both English and Maths
  • Genuine interest in starting a career in cyber security
  • Curious and analytical
  • Detail‑focused
  • Comfortable working through problems in a structured and logical way
  • Well organised and dependable
  • Motivated to build both technical knowledge and practical workplace skills over time
  • Strong alignment with FSP values and ethos
  • Commitment to teamwork, quality and mutual success
Job Responsibility:
  • Monitor and triage security alerts across our customers’ environments under the guidance of senior analysts
  • Assist in initial investigation of incidents, gathering evidence and documenting activity
  • Learn how to detect and analyse common cyber threats, risks and vulnerabilities
  • Develop skills in security tooling, with a focus on Microsoft security technologies
  • Support improvements to SOC playbooks, documentation and reporting
  • Help maintain accurate records of incidents to ensure high quality service delivery
  • Contribute to team discussions, knowledge sharing, and continuous improvement
  • Stay informed about new security threats, technologies and best practices as part of your apprenticeship learning
What we offer:
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry
  • Hybrid working
  • Industry leading coaching and mentoring
  • Competitive salary and an excellent benefits package
Employment Type:
Fulltime

Security Analyst Detect & Respond

Become a Security Guardian! We are seeking a highly motivated Security Analyst (...
Location:
Poland, Łódź
Salary:
Not provided
Arrive
Expiration Date:
Until further notice
Requirements:
  • 4+ years of hands-on experience in a Security Analyst, SOC, or Incident Response role
  • Strong experience with SIEM platforms (e.g., Splunk, Sentinel, CrowdStrike, Rapid7)
  • Hands-on experience with EDR tools (e.g., CrowdStrike, Defender, SentinelOne)
  • Strong understanding of networking fundamentals, security principles, and common attack vectors
  • Excellent analytical, communication, and collaboration skills, with the ability to translate technical findings into business-impact language
Job Responsibility:
  • Investigate and analyze security alerts from SIEM, EDR, Dark Web Monitoring & Cloud Security Tools
  • Provide comprehensive support for incident response activities, including containment, eradication, and recovery
  • Perform thorough root cause analysis and document incident findings
  • Develop and refine incident response playbooks
  • Work effectively and collaboratively with our Managed Security Service Provider (MSSP)
  • Conduct hypothesis-driven threat hunting across endpoint, network, and cloud environments
  • Leverage EDR tooling to detect lateral movement and suspicious activity
  • Stay continuously up-to-date on emerging threat intelligence and attacker behaviors
  • Managing the incident from the moment it is escalated by Tier 1 until final closure, ensuring adherence to established frameworks like the NIST or SANS incident response lifecycles
  • Acting as the primary technical point of contact during an active incident. This involves directing IT operations, network engineers, or system administrators on exactly what systems need to be isolated, patched, or restored
Employment Type:
Fulltime

Director of Physical Security & Compliance

Crusoe is expanding our hyper-scale AI and high-performance computing (HPC) data...
Location:
United States, San Francisco
Salary:
225000.00 - 280000.00 USD / Year
Crusoe
Expiration Date:
Until further notice
Requirements:
  • 10+ years in physical security or mission-critical infrastructure
  • Deep knowledge of operating physical security technologies and system design
  • Experience in a high-availability environment
  • Experience implementing controls for SOC 2, ISO, NIST, and similar frameworks
  • Proven ability to manage multi-site security operations and compliance programs
  • Strong incident management and risk assessment background
  • Experience designing or scaling enterprise security systems across multi-site environments
  • Strong understanding of SOC 2, ISO 27001, NIST, and related frameworks
  • Background managing guard operations, access control, and incident response
  • Ability to lead programs from zero-to-one and influence senior stakeholders
Job Responsibility:
  • Operationalize the global physical security strategy, and ensure data center alignment with enterprise security standards, and policies
  • Implement the security risk framework within Data Center Facility Operations
  • Translate enterprise security requirements into site-specific designs for new campuses
  • Conduct site-level security risk and threat assessments
  • Establish a scalable security operations model for 50–400 MW hyper-scale facilities
  • Own the operational lifecycle of dedicated physical security systems (ACS, VSS, IDS)
  • Execute site-level operational controls to ensure adherence to compliance programs for SOC 2, ISO 27001/27002, NIST 800-53, and other regulations
  • Maintain operational documentation, logs, and evidence of adherence to established internal controls
  • Maintain year-round audit readiness for physical access to cages, racks, and on-site office rooms
  • Ensure operational availability, resiliency, and scalability of security infrastructure
What we offer:
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Tuition reimbursement
Employment Type:
Fulltime

SOC Analyst

SOC Analyst – SC Cleared – 12 Month Contract – Hereford
Location:
United Kingdom, Hereford
Salary:
55.00 - 75.00 GBP / Hour
Morson Talent
Expiration Date:
Until further notice
Requirements:
  • Previous experience in a SOC, IT Operations, or security support role
  • Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation
  • Working knowledge of network fundamentals, Windows/Linux system logs and authentication systems
  • Working knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, QRadar)
  • Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001)
Job Responsibility:
  • Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact
  • Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts)
  • User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g. asset isolation, password reset)
  • Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation
  • Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements
  • Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness
  • Playbook Execution: Follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies
  • Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisation's threat landscape