Security Analyst in Southampton

We are a people-focused, values-driven global service provider delivering end-to-end IT outsourcing (ITO), including cyber defence services, to a wide range of clients—from fast-growing organizations to large enterprise and public sector environments.

Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth and continues to invest in its people, platforms, and capabilities. This is an opportunity to work in a collaborative environment where professional development and wellbeing are prioritized.

As a Senior Security Analyst within a Security Operations Centre (SOC), you will play a key role in identifying, investigating, and responding to cyber threats across varied environments. You will support and mentor junior analysts, lead complex investigations, and contribute to the ongoing development of detection and response capabilities. This role is suited to a security professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership or specialist career paths such as SOC leadership, threat hunting, security engineering, or incident response.

• Lead in-depth analysis and investigation of security incidents, identifying root causes and recommending remediation actions
• Provide technical and procedural guidance to junior SOC analysts
• Develop and enhance detection use cases, correlation rules, and playbooks within SIEM and EDR platforms
• Conduct proactive threat hunting activities across client environments
• Collaborate with engineering teams to improve visibility, telemetry, and automation
• Support major incident response efforts and coordinate cross-functional remediation
• Produce detailed incident reports and contribute to stakeholder communications where required
• Contribute to the maturity of SOC operations through process improvements, training, and knowledge sharing

• 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment
• Strong understanding of attack frameworks (e.g. MITRE ATT&CK, Cyber Kill Chain)
• Hands-on experience with SIEM and EDR tools (e.g. Microsoft Sentinel, Splunk, CrowdStrike, Defender)
• Experience in incident triage, containment, and response
• Good knowledge of network protocols, Windows/Linux systems, and cloud environments (e.g. M365, Azure, AWS)
• Strong analytical and communication skills, with the ability to explain technical issues to varied audiences
• Demonstrated commitment to continuous learning

• Experience with scripting or automation (e.g. PowerShell, KQL, Python)
• Exposure to threat hunting or threat intelligence practices
• Experience mentoring or supporting junior colleagues
• Familiarity with vulnerability management or digital forensics

• Competitive salary
• Flexible and hybrid working options
• Funded training and professional certifications
• Access to modern security tools and threat intelligence resources
• Benefits package including pension, healthcare, and wellbeing support
• Collaborative and inclusive working culture
• Clear career progression opportunities

This is an opportunity to be part of a team focused on delivering high-quality cyber defence services while supporting each other’s growth and development. If you’re looking to advance your career in a supportive and forward-thinking environment, this role offers a strong platform to do so.