A defence prime is expanding its 24/7 Security Operations Centre to support a new programme of national significance. They need experienced L3 analysts to lead complex investigations, develop detection use cases, and mentor junior team members across the shift pattern.
You are a seasoned SOC analyst with at least 5 years' experience in a high-tempo environment, ideally within defence or government. You have strong experience with SIEM platforms (Splunk or Sentinel), can perform advanced threat hunting, and hold or have held DV clearance. You thrive under pressure and can lead a shift team confidently.
Lead complex security investigations from initial triage through to resolution. Develop and tune detection rules and SIEM use cases. Conduct proactive threat hunting across network and endpoint telemetry. Mentor and develop L1 and L2 analysts. Produce detailed investigation reports for stakeholders and contribute to post-incident reviews.
Interested in this position? Submit your details below and our team will be in touch.
Many of our roles are confidential.
Register your interest and we'll be in touch when something relevant comes up.
Not necessarily. While some of our roles require active SC or DV clearance, many positions are open to candidates who are eligible for clearance but do not yet hold it. Each vacancy listing specifies clearance requirements upfront so you can assess suitability before applying.
Your application is reviewed by one of our specialist consultants within 48 hours. If your profile matches the role requirements, we will arrange an initial confidential conversation to discuss the opportunity in detail and understand your career goals.
Absolutely. Confidentiality is central to everything we do. Your application, conversations, and personal details are never shared with any third party without your explicit consent. Many of our candidates are in senior positions where discretion is paramount.
We encourage you to register your interest anyway. Our mandates change frequently, and many of our best placements come from candidates we already know when the right role emerges. We will keep your details on file and reach out when a suitable opportunity arises.
