Security Operations Analyst

Job title: Security Operations Analyst

Department: IT

Location: Remote

Hours: 37.5 hours per week

Salary: Competitive

We\’re looking for a Security Operations Analyst to be part of our success story.

**Listed in the 2022 Sunday Times 100: Britain\’s fastest-growing private companies.
**Great career development opportunities – grow with us.

About the role

We are seeking a hands-on Security Operations Analyst to play a key role in strengthening Activate Group\’s cyber resilience and response capability. You will work within the IT and Platform teams to identify, analyse, and respond to security incidents across our enterprise environment, ensuring threats are detected early and resolved efficiently.

The ideal candidate will be technically strong, highly analytical, and confident working across diverse technologies. You will collaborate closely with our Security Operations Centre (SOC), infrastructure teams, and external partners to ensure our network, cloud, and endpoint environments remain secure, monitored, and compliant.

This role is suited to someone who enjoys problem-solving, digging into alerts, and continuously improving detection, response, and prevention measures.

Responsibilities

Monitoring & Incident Response

• Triage and investigate alerts raised by the SOC and other monitoring platforms.
• Perform detailed incident response activities, including containment, eradication, and recovery.
• Conduct root cause analysis on security incidents and coordinate post-incident reviews.
• Provide technical input to refine detection and escalation processes.

Threat Detection & Prevention

• Maintain and tune security tools to reduce false positives and improve visibility across the environment.
• Assist in developing and implementing new detection rules, dashboards, and automation scripts.
• Review firewall, WAF, and endpoint configurations to ensure compliance with best practices.
• Support vulnerability scanning, patch management, and remediation activities.

Collaboration & Continuous Improvement

• Work alongside the Infrastructure, Platform, and DevOps teams to embed security into operations and deployments.
• Assist in implementing improvements to endpoint protection, SIEM configurations, and network defences.
• Support initiatives aligned with ISO 27001 and Cyber Essentials Plus compliance.
• Provide regular security reporting and updates to the IT Leadership team.

Documentation & Governance

• Maintain accurate incident logs, configuration documentation, and response playbooks.
• Assist in security audits, penetration test follow-ups, and evidence gathering for compliance reviews.
• Contribute to policy updates and awareness initiatives across the organisation.

Skills and Experience

• Proven experience in a hands-on Security Operations or SOC role.
• Strong understanding of network, endpoint, and cloud security concepts.
• Experience with security platforms such as Sentinel, Elastic, or similar SIEM tools.
• Good working knowledge of Microsoft 365, Azure, and endpoint protection solutions.
• Experience with pfSense and Cisco firewalls desirable.
• Familiarity with scripting or automation (PowerShell, Python, or Ansible).
• Knowledge of vulnerability management and patch automation tools.
• Strong analytical and investigative skills, with a proactive approach to problem-solving.
• Excellent communication skills, with the ability to convey technical findings clearly.
• Relevant certifications such as CompTIA Security+, CySA+, SSCP, or equivalent experience advantageous.

Benefits

• 33 days holiday (including