At a Glance
- Tasks: Lead complex security incidents and guide clients through critical decision-making.
- Company: Join Phoenix, a leading IT solution and managed service provider in the UK.
- Benefits: Enjoy flexible remote work, skill development, and a supportive culture.
- Other info: Fully remote role with excellent career growth opportunities.
- Why this job: Make a real impact in cybersecurity while mentoring junior analysts.
- Qualifications: Strong DFIR/SOC experience and advanced KQL skills required.
The predicted salary is between 48000 - 72000 £ per year.
We’re now looking for a Senior SOC Analyst to take a leading role in complex incident response cases, guiding clients through high-severity security events and strengthening our overall SOC capability.
Responsibilities
- Incident response & forensics: You’ll lead major security incidents from detection through remediation, coordinating containment, analysing attacker activity, and supporting clients through critical decision-making.
- Threat hunting & detection engineering: You’ll proactively hunt for threats using advanced KQL analytics, enhance SIEM/EDR detections, tune rules, and develop signatures aligned to MITRE ATT&CK.
- Malware analysis & reverse engineering: You’ll perform malware triage and behavioural analysis, using reverse-engineering tools when needed to support investigations and strengthen detection coverage.
- Reporting & client communication: You’ll produce clear, high-quality investigation reports, timelines, and intelligence summaries that translate technical findings for a range of audiences.
- SOC leadership & continuous improvement: You’ll contribute to SOC playbooks, mentor junior analysts, support onboarding of new customers, and help evolve SOC processes and tooling.
- On-call support: You’ll participate in the 24×7 on-call rota to provide expert support during critical incidents.
What we’re looking for
- A strong background in DFIR, SOC operations, or incident response
- Ability to lead complex investigations and high-severity security incidents
- Confident decision-maker who can guide clients through critical situations
- Strong communicator, able to translate technical findings for any audience
- Collaborative mindset with willingness to work closely across teams
- Ability to mentor junior analysts and support skill development
- Comfortable working in fast-paced, high-pressure environments
- Proactive approach to improving SOC processes, playbooks, and detection capabilities
Key Skills
- Advanced SIEM expertise (ideally Microsoft Sentinel & Defender XDR)
- Strong DFIR/SOC/incident response experience
- High-level KQL capability
- Python/PowerShell for automation
- Core digital forensics skills
- Experience with Velociraptor, KAPE & sandbox tools
- Solid detection engineering understanding
- Strong technical reporting and documentation skills
Practical stuff
- Where is the role based? This role can be fully remote apart from an initial onboarding week on-site in Pocklington.
- What are the shift patterns? 9:00am until 5:00pm (Flexible start & finish) with on call responsibilities.
- What about security clearance? You will need to have lived in the UK continuously for at least 5 years and have no criminal record to achieve the clearance you need for this role. You must also already have/have the ability to obtain NPPV3.
If you’re still reading, we think there’s a strong chance you might be our kind of person. We believe a diversity of perspectives and experiences makes a team stronger — and the stronger our team, the more successful we will be.
Senior SOC Analyst in Pocklington employer: Phoenix Software
At Phoenix, we pride ourselves on being an excellent employer that fosters a collaborative and innovative work culture. As a Remote Power Platform Specialist, you will benefit from flexible working arrangements, continuous professional development opportunities, and a supportive team environment that encourages growth and creativity. Join us in our mission to empower UK organisations and enjoy the unique advantage of contributing to meaningful digital transformations while working from anywhere in the UK.
StudySmarter Expert Advice🤫
We think this is how you could land Senior SOC Analyst in Pocklington
✨Tip Number 1
Network like a pro! Reach out to current employees at Phoenix or in the SOC field on LinkedIn. A friendly chat can give you insider info and might just get your foot in the door.
✨Tip Number 2
Show off your skills! Prepare a portfolio of your past incident response cases or threat hunting projects. This will help you stand out during interviews and demonstrate your hands-on experience.
✨Tip Number 3
Practice makes perfect! Get comfortable with common interview questions for SOC roles. Mock interviews with friends or mentors can help you articulate your experience and decision-making process under pressure.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining the Phoenix team.
We think you need these skills to ace Senior SOC Analyst in Pocklington
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Senior SOC Analyst role. Highlight your experience in incident response, threat hunting, and any relevant tools you've used. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about this role and how your background makes you a perfect fit. Don’t forget to mention your collaborative mindset and mentoring experience!
Showcase Your Technical Skills:We love seeing technical skills in action! If you have experience with KQL, Python, or any specific tools like Velociraptor, make sure to include examples of how you've used them in your previous roles. This will help us understand your hands-on experience.
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and we’ll be able to track your application better. Plus, it shows you’re serious about joining our team!
How to prepare for a job interview at Phoenix Software
✨Know Your Incident Response Inside Out
Make sure you brush up on your incident response and forensics knowledge. Be ready to discuss specific cases you've led, the challenges you faced, and how you overcame them. This will show that you can handle high-severity security events with confidence.
✨Show Off Your Threat Hunting Skills
Prepare to talk about your experience with KQL analytics and detection engineering. Bring examples of how you've enhanced SIEM/EDR detections or developed signatures aligned to MITRE ATT&CK. This will demonstrate your proactive approach to threat hunting.
✨Communicate Clearly and Effectively
Since you'll need to produce clear investigation reports, practice explaining complex technical concepts in simple terms. Think about how you would communicate findings to different audiences, as this is crucial for client communication.
✨Be Ready to Lead and Mentor
Highlight your leadership skills and willingness to mentor junior analysts. Share experiences where you've contributed to SOC processes or playbooks, as this shows your commitment to continuous improvement and teamwork.