SOC Engineer at Phoenix, leading onboarding activities and optimizing security technologies and processes. Collaborating with teams to ensure effective detection and response in managed services.
Responsibilities
Lead customer onboarding activities, integrating new environments and configuring detection baselines, automation, and playbooks.
Deploy, tune, and optimise detection rules and correlation logic to reduce false positives and improve alert fidelity.
Configure and enhance log ingestion pipelines, enrichment workflows, dashboards, and reporting to support SOC operations and customer visibility.
Develop, maintain, and improve customer SOPs, runbooks, and playbooks to ensure consistent and effective response processes.
Work closely with Detection Engineering teams to contribute new detections, refine existing analytics, and validate detection logic.
Support CI/CD processes for detection content, ensuring safe, controlled deployment of rules, scripts, and automation updates.
Assist in developing and improving SOAR playbooks, validating automated actions, and ensuring operational reliability.
Maintain structured repositories of detection queries, SOPs, and operational documentation to keep SOC content accurate and up to date.
Troubleshoot detection and workflow issues, collaborating with internal teams and customers to resolve technical challenges.
Partner with architects, analysts, and service managers to improve SOC onboarding processes, tooling, and detection standards.
Requirements
Good blend of technical ability and customer-facing skills
Significant experience working in a fast-paced MSSP environment
Strong skills in designing, tuning, and validating detection logic (MITRE ATT&CK aligned)
Hands-on experience with SIEM, XDR, SOAR, and log ingestion/detection configuration
Background in SOC operations such as analysis, detection engineering, IR, or threat hunting
Ability to design and validate automated workflows and SOAR playbooks
Experience using CI/CD pipelines and version control (Azure DevOps, GitHub, GitLab)
Skilled in producing clear SOPs, runbooks, playbooks, and operational documentation
Experience supporting customer onboarding and tailoring detections to specific environments
Strong communication and collaboration skills across technical and non-technical teams
Proactive, accountable, and able to deliver reliable, high-quality outcomes