Senior Security Analyst

You will work as part of a 24/7 Global Security Operations Centre. The Senior SOC Analyst plays a critical role in protecting the organisation from cyber threats by leading complex security investigations, proactively hunting for adversary activity and continuously improving detection fidelity. This role acts as a senior escalation point within the SOC, providing investigatory leadership, mentoring analysts, and shaping how investigatory tooling including AI‑enabled capabilities is used safely, consistently, and effectively. With seamless collaboration across regions, ensuring continuous security coverage through effective handover. The role requires strong analytical capability, sound security judgement, and the ability to balance quality response with long‑term detection and risk reduction.

Detection & Response

• Act as senior escalation point for complex/high-severity alerts across SIEM, EDR, cloud and identity platforms.
• Lead end-to-end incident response (investigation, containment, eradication, and post-incident review).
• Correlate alerts with threat intelligence and business context to assess risk and impact.
• Produce clear investigation summaries for technical and non-technical stakeholders.
• Collaborate closely with Incident Response during escalations.

AI‑Assisted Investigation & Tooling

• Use AI-enabled features across SOC tooling to accelerate analysis and investigations.
• Apply strong judgement to validate AI outputs and avoid automation bias.
• Provide feedback to improve tooling, workflows, and AI effectiveness.
• Support development of safe and consistent AI usage standards within the SOC.

Threat Hunting & Proactive Detection

• Conduct proactive threat hunting using queries, dashboards and behavioural analytics.
• Identify gaps using frameworks (e.g. MITRE ATT&CK) and translate findings into improved detections and playbooks.

Detection Optimisation & Governance

• Tune alerts and detections to reduce noise while maintaining coverage.
• Validate and manage exclusions with clear risk assessment and documentation.
• Work with Detection Engineering to enhance detection logic and alert quality.

Collaboration & Mentoring

• Mentor analysts and support their development.
• Provide leadership during incidents and contribute to continuous SOC improvement.
• Collaborate with Security Engineering, Threat Intelligence and Automation teams.

Regional Handover

• Deliver structured handovers with clear incident status, risks, and next steps.
• Ensure continuity and adherence to operational standards across regions.

Required Skills & Experience

Essential

• 3+ years’ experience as a Senior SOC Analyst within an internal SOC environment.
• Strong experience in a SOC environment, including handling high‑severity incidents.
• Deep understanding of attacker tradecraft across endpoint, identity, cloud, and email attack surfaces.
• Hands‑on experience with SIEM, EDR, and security investigation platforms.
• Proven threat hunting experience using dashboards, structured queries, and behavioural analytics.
• Experience tuning detections and implementing well‑governed exclusions without increasing risk.
• Ability to clearly document investigations, decisions, and outcomes.

Desirable

• Experience using AI or machine‑learning features within security products.
• Familiarity with SOAR workflows and automation concepts.
• Knowledge of detection engineering concepts and use‑case lifecycle management.
• Experience working in regulated or large‑scale enterprise environments.

Behaviours & Attributes

• Strong analytical mindset.
• Risk‑aware decision making, especially when tuning or excluding detections.
• Clear, confident communicator under pressure.
• Proactive and curious, with a continuous improvement mentality.
• Trusted senior presence within the SOC team.

Admiral: Where You Can

We take pride in being a diverse and inclusive business. It’s a place where you can be yourself and show up as you are. You can grow, progress, and make a difference for our customers and each other. You may share in our future with up to £3,600 of free shares each year after one year of service. Everyone receives 33 days holiday (including bank holidays) when they join us, increasing to a maximum of 38 days (including bank holidays) the longer you stay. You also have the option to buy or sell up to an additional five days of annual leave.

Disability Confident Leader

As a Disability Confident Leader, for candidates with a disability or long‑term health condition who opt into the Disability Confident scheme, we’ll invite a fair and proportionate number of applicants that meet the essential requirements of the role to the first stage of our selection process. If you need any adjustments or support with your application or during the recruitment process, just let us know. Please do email us or contact us.