Focus Group
Senior SOC Analyst

(Internal Job Level Reference: Specialist)
UK • Hybrid – 3 days a week in our Manchester office (Suite B, Maple Court, M60 Office Park, Wynne Ave, Swinton, Clifton, Manchester, M27 8FF)
£50–£55k (dependent on experience) + benefits
Focus Group is looking for a Senior SOC Analyst to play a key role within our Managed Security Services team. This is a dual-focused position combining hands-on technical expertise with day-to-day operational leadership, ensuring high-quality delivery of managed detection and response services across a diverse customer base.
You'll lead SOC operations, act as the escalation point for complex security incidents, and mentor junior analysts—driving both service excellence and team development.
What you'll do
- Lead day-to-day SOC operations, ensuring effective triage, escalation, and communication workflows
- Act as the primary escalation point for complex security investigations and incidents
- Conduct advanced threat investigations across endpoints, networks, and cloud environments
- Perform proactive threat hunting and detection tuning to improve coverage and reduce noise
- Manage and mentor Tier 1–2 analysts, supporting development and technical growth
- Ensure ticket quality, SLA adherence, and high service standards across SOC operations
- Support onboarding of new customers into monitoring and detection platforms
- Collaborate with Cyber Security leadership to improve detection strategy and SOC maturity
- Analyse logs and security data to identify malicious or suspicious activity
- Develop and maintain playbooks, runbooks, and knowledge base content
- Produce clear, actionable incident reports for internal and customer stakeholders
- Engage directly with customers during escalations, incident reviews, and briefings
- Identify opportunities for automation, process improvement, and enhanced detection capabilities
- Stay up to date with emerging threats, attack techniques, and MITRE ATT&CK developments
What you'll bring
Essential:
- 4–6 years' experience in a SOC or MSSP environment at Tier 2–3 or Lead level
- Strong hands-on experience with SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, LogPoint)
- Experience with EDR tools such as Microsoft Defender, SentinelOne, or Bitdefender
- Deep understanding of MITRE ATT&CK and modern threat detection methodologies
- Strong incident response, investigation, and log analysis capability across multiple data sources
- Ability to lead during high-pressure incidents with calm, confident decision-making
- Strong communication skills, including producing clear incident reports and updates
- Proven ability to mentor, coach, and support junior analysts
- Organised approach with the ability to manage multiple concurrent incidents
- Proactive mindset focused on continuous improvement and service optimisation


Nice to have:
- Certifications such as SC-200, GCIH, GCIA, Security+, or BTL1
- Experience in an MSSP or multi-customer environment
- Microsoft security stack experience (Defender XDR, Sentinel, M365 security)
- Knowledge of cloud security, email security, and vulnerability management
- Experience with KQL or other query languages
- Scripting skills (PowerShell, Python)
- Familiarity with SOAR and threat intelligence platforms
- Understanding of compliance frameworks (ISO 27001, NIST, Cyber Essentials)
Future opportunities
- SOC Manager / Head of Security Operations
- Cyber Security Technical Lead
- Detection Engineering Lead
- Threat Intelligence Lead
- Incident Response Manager
- Security Consultant / Advisory