L3 SOC Analyst Lead
Salary/Rate:£60,000-£70,000
Job type:Perm
Town/City:Remote
County/State/Region:Remote
Job ref:1804
Post Date:29.01.25
About the Role
Trident Search have exclusively partnered with a MS MSSP who are looking to hire their next L3 Team Lead. We have made 20+ placements with this client and have plenty of candidates who will attest to the technical standard of this client. You will be joining a high-performing team in a cutting-edge SOC where you'll oversee investigations, respond to incidents, provide customer-facing communication, and ensure operational excellence within the SOC.
Location: Remote
Hours: 09:00-17:30 (no on-call)
Reports To: SOC Manager
Key Responsibilities:
- Lead investigations into security incidents, breaches, and anomalies escalated to the SOC through the ITSM platform. Work closely with SOC analysts to conduct thorough and prompt analysis.
- Ensure all investigations are conducted according to established security protocols and procedures.
- Utilize and fine-tune advanced security tools such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), and EDR (Endpoint Detection and Response) to detect and mitigate potential threats.
- Serve as a point of contact for customers during security incidents, providing clear, concise, and reassuring communication.
- Address customer inquiries regarding ongoing incidents and security threats, offering knowledgeable responses and technical clarity.
- Conduct regular service delivery meetings with clients to enhance satisfaction and ensure their needs are being met during and after incidents.
- Ensure that security incidents are reported in a timely and accurate manner to senior management and relevant stakeholders.
- Provide guidance and mentorship to SOC analysts through regular one-on-one sessions. Set high standards for behavior and performance and support the professional growth of the team.
- Identify training gaps and arrange development opportunities to ensure the SOC team maintains up-to-date knowledge of the latest security trends and tools.
- Foster a high-performance team culture, recognizing achievements and addressing any challenges that may arise within the team.
Experience:
- 3-5 years of experience in a SOC where you've had some leadership responsibilities.
- Able to discuss IR engagements you've had experience with: Ransomware Attacks, Malicious Insider, Malware Investigation.
- Proficient in using and managing SIEM systems, IDS/IPS, EDR, and other security technologies. Familiarity with Microsoft environments and associated security tools is highly desirable.
- Experience with SOAR capabilities, including security orchestration, automation of workflows, and incident response playbook development, to streamline and enhance operational efficiency in security processes.
- Proven ability to lead investigations and manage escalated security incidents, ensuring prompt resolution and minimal impact.
- Ability to remain composed under pressure and effectively lead teams during high-stress incidents.
Desirable Skills:
- Experience with Microsoft-based security solutions and technologies. You may also use Crowdstrike, Darktrace, Elastic etc.
- Certifications: GCIH, GCFA, MS certs etc.
More jobs from this recruiter
Security Analyst
London
London
£40,000 to £50,000
Our client, a leading organisation in the media sector, is seeking a Cyber Security Analyst to join their growing Security Operations team.
This is an exceptional opportunity to work with a forward-thinking company that values innovation and security in a digital-first environment.
Technology is at the core of their business, enabling them to create and distribute exceptional content, drive commercial success, and foster seamless collaboration. As they continue their digital transformation, their security team plays a vital role in ensuring efficiency and resilience.
This is an exciting time to be part of their journey, offering a dynamic and inclusive work environment with opportunities for career growth and impact.
About the Role
As a Cyber Security Analyst, you will play a key role in monitoring and responding to security incidents, ensuring that the company’s systems and networks remain secure. You will collaborate with internal teams and stakeholders to identify risks, implement protective measures, and contribute to security awareness initiatives.
Key Responsibilities
Monitor, assess, and protect network infrastructure, applications, and assets from potential threats.
Respond to security alerts and incidents, ensuring prompt resolution and mitigation.
Utilize industry-leading security tools, including SIEM, MDR, endpoint protection, and cloud security solutions.
Contribute to the continuous improvement of security runbooks and incident response processes.
Identify opportunities for enhancing security technologies, processes, and strategies.
Support cyber awareness training initiatives and promote security best practices across the business.
Monitor open-source intelligence sources for emerging threats and recommend appropriate actions.
Essential Skills & Experience
Understanding of cybersecurity frameworks and best practices, including OWASP top ten.
Familiarity with public cloud security concepts.
Hands-on experience in managing security incidents.
Awareness of the evolving cybersecurity threat landscape and the ability to apply knowledge effectively.
Ability to work independently and collaboratively to solve complex security challenges.
Preferred Skills & Attributes
Strong communication and influencing skills.
Ability to build and maintain effective working relationships.
Proactive approach to problem-solving and process improvements.
Willingness to support out-of-hours security incidents when necessary.
Commitment to Diversity & Inclusion
Our client is committed to fostering a diverse and inclusive workplace. Applications from individuals with disabilities are strongly encouraged, and reasonable accommodations can be provided during the application and selection process. If you require adjustments, please get in touch with our recruitment team.
Employee Benefits
Flexible working arrangements.
Generous annual leave allowance, with the option to purchase additional days.
Performance-based annual bonus.
Competitive pension contributions.
Employee share purchase schemes.
Wellbeing and volunteer days to support a balanced lifestyle.
For more details on this exciting opportunity, please reach out to our recruitment team.
L1 SOC Analyst
Remote
Remote
£32,000 + 15% Shift Allowance
*Unfortunately we're unable to offer sponsorship of this opportunity, you will need to be eligible for SC clearance*
Trident Search have exclusively partnered with an award-winning MSSP who have seen great growth over the last 24 months. They are now one of the largest consultancies that offer offensive and defensive security services.
You'll work fully remote as an L1 SOC Analyst – this isn't your typical L1 where you act as a "ticket monkey". You will be fully immersed in the investigation, and you'll work with your seniors through to remediation.
This is a 24/7 SOC and you'll work 4 on 4 off, days and nights: 7am-7pm, 7pm-7am.
Responsibilities
• Continuous monitoring of MS tooling: Sentinel and Defender included. You will also get access to Darktrace, Crowdstrike and a bit of Elastic
• Proactive threat hunting, utilizing KQL
• Risk remediation and mitigation through technical controls within the stack mentioned above
• Proactive security assessments - Phishing campaigns, SSO, etc.
Experience:
• We’re looking for a minimum of 6-12 months experience as a SOC analyst
• Sentinel experience is mandatory, if you can bring experience across Defender, Crowdstrike and Darktrace – that’d be a huge bonus.
• Basic KQL query ability – greedy searches, filtering etc.
• Experience of deploying, managing, and supporting of endpoint security platforms
• Ability to standardize processes for efficiency and productivity, leveraging automation where applicable/possible
Bonus:
• Industry certs SC100, SC200 etc.
• Powershell experience
Please reach out to Gareth Davies @ Trident Search
L3 SOC Analyst
Berkshire
London
£67,000-£75,000 + bonuses
Trident Search have exclusively partnered with one of the strongest security teams in the UK to bring in an L3 analyst to their team. They are integral to the UK CNI and are a household name. You will investigate and validate threats through data analysis, using a wide range of security tools and defence products. A standout candidate might come from a strong malware/threat hunting environment, or might have a keen interest in the field.
Job Title: L3 SOC Analyst
Location: 4 days on site per MONTH in Berkshire / Central London
Hours: 09:00-17:30
Key Responsibilities:
Lead the resolution of escalated security incidents such as sophisticated malware, APTs, and complex intrusions. Use expert-level forensic analysis and threat hunting techniques to contain and recover from incidents.
Drive security event analysis to address emerging cyber threats and ensure comprehensive post-incident analysis.
Fine-tune SIEM configurations to filter false positives, detect advanced threats, and optimize alerting.
Refine SOAR playbooks to automate response actions and improve incident response efficiency.
Act as an escalation point for junior analysts, offering guidance and promoting knowledge sharing within the team.
Contribute to threat response activities and collaborate with blue team efforts to identify threat group activities.
Skills and Experience
Proven SOC analyst experience (Level 2 or above) with extensive hands-on experience in security event analysis and incident response.
If you have a passion for malware or come from a DFIR background, that would be advantageous.
Strong understanding of networking protocols
Expertise in Windows/Linux o/s and a variety of security technologies
Familiarity with SOAR technologies
Experience with security frameworks such as MITRE, Cyber Kill Chain, and APT strategies.
Knowledge of cloud platforms (Azure, AWS, Google Cloud) and cloud security best practices.
If you're seeking an opportunity where you'll be working with one of the strongest security teams in the UK, please reach out to Gareth Davies @ Trident Search.