Security Operations Centre Analyst in Hemel Hempstead

Ready for your next move in Cyber Security? Join a fast growing Security Operations Centre that protects over 30 organisations across multiple industries, from critical infrastructure to complex enterprise environments. As part of our team, you will play a key role in strengthening and maturing our SOC services, helping deliver smart, efficient and high-impact security outcomes for our clients. You won’t just monitor alerts, you will investigate, improve detection capability, influence processes, and help shape how we defend modern environments. You will gain exposure to real world threats, diverse technology stacks, and large scale operations, giving you the kind of hands on experience that accelerates careers. If you are curious, analytical, and thrive on solving problems that genuinely matter, this could be your next challenge. Our team operates a 24/7 SOC. This role involves working day and night shifts and is based at our SOC in Hertfordshire.

What you will be doing:

• Monitoring and analysing security alerts and events, conducting initial investigations and determining the appropriate response.
• Escalating complex incidents to Senior Analysts for deeper analysis and resolution.
• Managing SOC incident queues to ensure timely and effective response.
• Maintaining and improving asset baselines across customer environments.
• Producing clear, insightful reports for both technical and non-technical audiences.
• Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence.
• Working collaboratively to protect critical data and technology platforms.
• Documenting incidents, findings and recommended mitigations.
• Supporting the continual improvement of SOC processes and procedures.

What you will bring:

• Hands‑on experience with Microsoft Sentinel and Splunk.
• Knowledge of the MITRE ATT&CK framework.
• Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security.
• Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.).
• Strong analytical thinking and structured problem solving.
• The ability to prioritise, manage multiple tasks and work effectively under pressure.
• An entry‑level cyber security certification (e.g. Security+, CEH, CPSA) or similar.

It would be great if you had:

• Scripting or programming skills (Python, PowerShell, Bash, Perl, C++).
• Broader SIEM experience (e.g. QRadar).
• Additional SOC or CREST certifications.

If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply, we’d love to hear from you!

Employment Type: Permanent

Location: Hemel Hempstead

Security Clearance Level: Eligible for Security Clearance

Internal Recruiter: Lee

Salary: £dependant on experience

Benefits: 25 days annual leave with the choice to buy extra days, Health Care plan, life assurance, and pension

Loved reading about this job and want to know more about us? Sopra Steria’s Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client’s goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK’s most complex safety- and security-critical markets.