Security Analyst - 24/7 Environment in Manchester

This role is focused on providing rapid detection, triage, and initial investigation of security alerts and incidents across multiple client environments. You will be the first point of contact for potential security events, ensuring timely escalation and accurate documentation to support deeper forensic analysis and incident resolution, working in our 24x7x365 Manchester based SOC.

Key Responsibilities

• Alert Monitoring & Triage: Monitor SIEM dashboards and security tools (e.g., Microsoft Sentinel, Microsoft Defender for Cloud) for alerts, anomalies, and suspicious activity. Perform initial triage to validate alerts, assess severity, and determine escalation paths.
• Incident Response Support: Execute first-line incident response actions, including containment steps (e.g., isolating endpoints, blocking malicious IPs). Document all findings and actions taken in accordance with DFIR best practices. Escalate complex incidents to 2nd/3rd line DFIR teams with detailed evidence and timelines.
• Digital Forensics Assistance: Collect and preserve volatile data (e.g., memory captures, log exports) for forensic analysis. Assist in evidence handling and chain-of-custody documentation. Support phishing and malware investigations by extracting indicators and preparing reports.
• Threat Analysis & Detection Tuning: Conduct basic packet inspection and log analysis to identify indicators of compromise (IOCs). Fine-tune SIEM rules and alert thresholds to reduce false positives and improve detection accuracy.
• Compliance & Reporting: Ensure adherence to SLAs, SOC processes, and regulatory requirements. Produce clear, concise incident reports for internal teams and clients.
• Collaboration & Knowledge Sharing: Provide guidance to junior analysts and assist with knowledge transfer. Work closely with Cyber Security, IT operations, and client stakeholders during investigations.

About You

• Hands-on experience with SIEM and Threat Detection tools (Microsoft Sentinel & Defender for Cloud preferred).
• Exposure to DFIR principles and incident handling methodologies.
• Understanding of common attack vectors, malware types, and network protocols.
• Strong documentation and reporting skills for incident timelines and evidence logs.
• Familiarity with ITIL principles and ability to apply them in SOC operations.
• Comfortable working in a 24x7 shift environment and responding to high-pressure situations.
• UK SC clearance (or ability to obtain).

Desirable Skills

• Basic scripting (PowerShell, Python, KQL) for automation of triage tasks.
• Knowledge of MITRE ATT&CK framework and its application in detection engineering.
• Experience with phishing analysis and malware sandboxing tools.

Employee Benefits

• Training – All team members are offered a number of options in terms of personal development, whether it is technical led, business acumen or methodologies.
• Private medical cover for you and your spouse/partner, offered via Vitality.
• Discretionary bonus based on a blend of personal and company performance.
• Holiday – You will receive 25 Days holiday, plus 1 day for Birthday and 1 day for your work anniversary in addition to UK bank holidays.
• Electric Vehicle leasing with salary sacrifice.
• Contributed Pension Scheme.
• Death in service cover.
• Hybrid Working – UBDS Group offers a flexible working environment to help enable you to operate at your maximum regardless of your location.

About UBDS Group

At UBDS Group our mission is to support entrepreneurs who are setting new standards with technology solutions across cloud services, cybersecurity, data and AI, ensuring that every investment advances our commitment to innovation, making a difference, and creating impactful solutions for organisations and society.

We are an equal opportunities employer and do not discriminate on the grounds of gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.