Principal Security Analyst in Manchester

Insight Enterprises is a Fortune 500 Solutions Integrator helping organizations accelerate transformation by unlocking the power of people and technology. With a 35-year foundation in hardware and software supply chain augmenting our deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organizations through complex digital decisions to achieve extraordinary results.

Location: UK – Uxbridge, Manchester, or Sheffield.

On‑call: Yes – 7‑day on‑call rota every other week.

We are looking for a Principal Security Analyst to play a key leadership role in our multi‑client SOC. This is a senior, day‑shift position where you will take ownership of complex security incidents, lead our security engineering function, and work closely with clients across onboarding, BAU and occasional pre‑sales activities. You will join a growing SOC team supporting 3–4 key clients, working primarily with the Microsoft Defender and Sentinel ecosystem, Tenable for vulnerability management, and ServiceNow for ticketing and workflows.

This role we are offering is a Hybrid position; you will be expected to come into the office three times a week as part of your responsibilities.

• Lead and support the SOC team
• Provide day‑to‑day leadership and technical guidance to Security & Senior Security Analysts.
• Function as an escalation point for complex incidents and investigations.
• Coach, mentor, and develop teammates to continually raise the bar.
• Own incident investigation & response:

• Respond to complex security incidents, performing deep‑dive investigations and root‑cause analysis.
• Ensure accurate, high‑quality incident documentation and post‑incident review.
• Collaborate with other security and operations teams to drive timely resolution and clear stakeholder updates.
• Tune and maintain security platforms (e.g., SIEM, IDS/IPS, firewalls) to improve detection, triage, and response.
• Develop and maintain security tools and technologies to enhance SOC capabilities.
• Create and refine security procedures, playbooks, and guidelines for consistent, effective response.

• Continuously monitor and review our security posture and recommend improvements.
• Function as a key contributor to new SOC service offers, such as Threat & Vulnerability Management.
• Work closely with the Senior Security Operations Manager and Senior Analysts to shape the SOC technology roadmap and align with Insight’s growth strategy.

• Collaborate directly with clients to understand their unique security needs and tailor services accordingly.
• Support client‑specific rule sets and mitigation advice.
• Be a key technical advisor to Service Delivery Managers, contributing to strong, long‑term client relationships.
• Function as a senior point of escalation for SOC analysts on complex or high‑severity incidents.

• Tune and optimise detection rules, playbooks and use cases to reduce noise and improve detection quality.
• Support and mentor junior SOC analysts – reviewing cases, coaching on investigation techniques, and helping them grow.
• Work tickets and workflows in ServiceNow as part of incident and request handling.
• Engage directly with clients to explain findings, remediation steps, and risk in clear, non‑jargon language.
• Lead / contribute to weekly incident review and threat review meetings.
• Collaborate with clients and internal teams on onboarding activities (new log sources, new use cases, new environments).
• Collaborate with security engineering and platform teams on improvements to the SOC toolset and processes.
• Participate in the on‑call rota every other week, providing out‑of‑hours escalation support.
• Own and drive continuous improvement initiatives for the SOC (use‑case roadmap, automation, reporting).
• Support vulnerability management cycles using Tenable – reviewing scan results, prioritising vulnerabilities, and advising on remediation.
• Contribute to client‑facing reports, service reviews, and improvements to KPIs and SLAs.
• Provide input into pre‑sales / solution design for prospective SOC clients (e.g., explaining service capabilities, toolsets, and onboarding approach).
• Help shape wider SOC strategy, standards, and best practice.

• Strong client‑facing and communication skills – able to translate technical detail into business‑relevant language.
• Comfortable operating as a senior / principal figure in the SOC, influencing direction and standards.
• Collaborative, initiative‑taking, and able to work effectively in a small, growing team.
• Experience in cyber security, with a strong background in a SOC environment.
• Experience working in a multi‑client SOC / MSSP or large consultancy is highly desirable.
• Proven experience handling and leading high‑severity incidents end‑to‑end.
• Solid understanding of common attack techniques, incident response, and threat detection.
• Ability to quickly become productive with minimal hand‑holding in a Microsoft‑centric SOC stack.
• Strong hands‑on experience with:

• Microsoft Sentinel, Microsoft Defender (e.g., Defender for Endpoint, Defender for Cloud), ServiceNow (or similar ITSM platform), Vulnerability Management tools, ideally Tenable.

• Microsoft SC‑200 (Security Operations Analyst).
• Microsoft SC‑300 (Identity and Access Administrator).
• CompTIA Security+.

About Insight: We believe that by giving you the freedom to think big and empower you to reach your full potential, together we will achieve the best outcomes. Along with excellent benefits and a compelling reward package, we offer the opportunity to work in a supportive environment with a high level of autonomy and creativity – there’s a reason our average employee tenure is over 6 years. We strive to display our three core values of Hunger, Heart and Harmony every day. They represent and drive who we are here at Insight and by doing so we are doing amazing things. Insight started in a garage in 1988 and it is through harnessing our three core values that two brothers, Eric and Tim Crown, steered Insight to the Fortune 500 company it is today. We are now a Global IT Services and Solutions business, passionate about helping customers and the real people who sit behind them.

Insight is an equal opportunity employer, and we are committed to achieving diversity and equality within our organisation. We seek out people from diverse backgrounds and encourage you to apply.

We will endeavour to contact you within five business days, should we feel your profile is a good match for this role. If you do not hear from us within this timeframe, please presume that on this occasion, your application was not successful.

Insight is committed to providing equal opportunities for all applicants and recognizes and values the unique talents and perspectives which individuals with disabilities bring to our workplace and we encourage them to apply. Any information provided regarding changes or adjustments will be kept confidential and used solely for the purpose of ensuring all our candidates can perform at their very best during the recruitment process.