Lead Incident Response Analyst – Security Operations (Hybrid)
Location: South Wales & Bristol (2 days per week in office)
Circa £55,000 DOE
Join a leading security operations team as a Lead Incident Response Analyst, where you’ll take charge of advanced incident response, proactive threat hunting, and mentoring SOC analysts. Acting as a senior escalation point, you’ll work with cutting-edge Microsoft security tools (Sentinel, Defender suite) and frameworks like MITRE ATT&CK to safeguard clients against sophisticated threats.
What you’ll do:
- Lead containment, eradication, and recovery for high-severity incidents
- Conduct proactive threat hunting and root cause analysis
- Collaborate across SOC teams to improve detection and automation
- Mentor analysts and contribute to early careers programs
What we’re looking for:
- 3+ years SOC experience with strong incident response skills
- Expert in Microsoft Sentinel & Defender suite
- Strong KQL and threat-hunting expertise
- Excellent communication and leadership skills
Hybrid role with on-call rota and opportunities to shape SOC capabilities.