At a Glance
- Tasks: Lead complex security incidents and guide clients through critical decision-making.
- Company: Join Phoenix, a leading IT solution provider focused on digital transformation.
- Benefits: Enjoy flexible remote work, skill development, and a supportive culture.
- Why this job: Make a real impact in cybersecurity while growing your expertise in a dynamic environment.
- Qualifications: Strong background in incident response and ability to mentor junior analysts.
- Other info: Fully remote role with excellent career growth opportunities and a focus on diversity.
The predicted salary is between 43200 - 72000 £ per year.
Overview of the role
Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools. We are now looking for a Senior SOC Analyst to take a leading role in complex incident response cases, guiding clients through high-severity security events and strengthening our overall SOC capability.
What will you be doing?
- Incident response & forensics: You'll lead major security incidents from detection through remediation, coordinating containment, analysing attacker activity, and supporting clients through critical decision-making.
- Threat hunting & detection engineering: You'll proactively hunt for threats using advanced KQL analytics, enhance SIEM/EDR detections, tune rules, and develop signatures aligned to MITRE ATT&CK.
- Malware analysis & reverse engineering: You'll perform malware triage and behavioural analysis, using reverse-engineering tools when needed to support investigations and strengthen detection coverage.
- Reporting & client communication: You'll produce clear, high-quality investigation reports, timelines, and intelligence summaries that translate technical findings for a range of audiences.
- SOC leadership & continuous improvement: You'll contribute to SOC playbooks, mentor junior analysts, support onboarding of new customers, and help evolve SOC processes and tooling.
- On-call support: You'll participate in the 24x7 on-call rota to provide expert support during critical incidents.
What are we looking for?
- A strong background in DFIR, SOC operations, or incident response
- Ability to lead complex investigations and high-severity security incidents
- Confident decision-maker who can guide clients through critical situations
- Strong communicator, able to translate technical findings for any audience
- Collaborative mindset with willingness to work closely across teams
- Ability to mentor junior analysts and support skill development
- Comfortable working in fast-paced, high-pressure environments
- Proactive approach to improving SOC processes, playbooks, and detection capabilities
Key Skills
- Advanced SIEM expertise (ideally Microsoft Sentinel & Defender XDR)
- Strong DFIR/SOC/incident response experience
- High-level KQL capability
- Python/PowerShell for automation
- Core digital forensics skills
- Experience with Velociraptor, KAPE & sandbox tools
- Solid detection engineering understanding
- Strong technical reporting and documentation skills
Why you should apply?
At Phoenix, our philosophy is simple - we aim to be the UK's leading IT solution and managed service provider and that means we recognise that it's our people who are the heart of everything we do. We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint.
Practical stuff
- Where is the role based? This role can be fully remote apart from an initial onboarding week on-site in Pocklington.
- Shift patterns? 9:00am until 5:00pm (Flexible start & finish) with on-call responsibilities.
- Security clearance? You will need to have lived in the UK continuously for at least 5 years and have no criminal record to achieve the clearance you need for this role. You must also already hold, or be able to obtain, NPPV3.
Have you made it this far?
If you're still reading, we think there's a strong chance you might be our kind of person. Here's the thing, though - research suggests that 60% of women and underrepresented people might have already talked themselves out of applying. Even if you don't check every box above, we want to encourage you to introduce yourself. We believe a diversity of perspectives and experiences makes a team stronger - and the stronger our team, the more successful we will be.
Senior SOC Analyst employer: Phoenix Software
Contact Detail:
Phoenix Software Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior SOC Analyst
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with current employees at Phoenix. A friendly chat can sometimes lead to opportunities that aren't even advertised!
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your incident response projects, threat hunting techniques, or any cool automation scripts you've developed. This gives you an edge and shows you're proactive.
✨Tip Number 3
Prepare for the interview by brushing up on your KQL and SIEM knowledge. Be ready to discuss real-world scenarios where you've led investigations or improved SOC processes. We love seeing candidates who can think on their feet!
✨Tip Number 4
Don't hesitate to apply through our website! Even if you don't tick every box, we value diverse experiences. Just put yourself out there and let us see what you can bring to the team!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Senior SOC Analyst role. Highlight your experience in incident response, threat hunting, and any relevant tools you've used. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cybersecurity and how your background makes you a great fit for our team. Keep it concise but impactful - we love a good story!
Showcase Your Communication Skills: Since you'll be translating technical findings for various audiences, make sure to demonstrate your communication skills in your application. Use clear language and avoid jargon where possible - we want to see how you can make complex topics accessible!
Apply Through Our Website: We encourage you to apply directly through our website. It's the best way to ensure your application gets into the right hands. Plus, it shows us you're serious about joining our awesome team at Phoenix!
How to prepare for a job interview at Phoenix Software
✨Know Your Stuff
Make sure you brush up on your DFIR and SOC operations knowledge. Be ready to discuss specific incidents you've handled, the tools you used, and how you approached complex investigations. This will show that you're not just familiar with the theory but have practical experience too.
✨Showcase Your Communication Skills
Since you'll need to translate technical findings for various audiences, practice explaining complex concepts in simple terms. Think about how you would communicate a high-severity incident to a non-technical client. Clear communication can set you apart from other candidates.
✨Demonstrate Leadership Qualities
Be prepared to talk about your experience mentoring junior analysts or leading teams during critical incidents. Share examples of how you've guided clients through tough situations and contributed to SOC processes. This will highlight your collaborative mindset and decision-making skills.
✨Familiarise Yourself with Tools
Get comfortable with the key tools mentioned in the job description, like Microsoft Sentinel, Defender XDR, and KQL. If you have experience with Velociraptor or KAPE, be ready to discuss how you've used them in past roles. Showing that you're proactive about improving detection capabilities will impress the interviewers.