MAC Recruit Group Ltd

Security Operations Center Analyst

Hybrid

Glasgow, United Kingdom

£70,000 / year

Full Time

10-04-2025

Job Specifications

A cyber security company in Glasgow is looking for a SOC Analyst to join their business. This role will require someone comfortable with leading on client interactions, whilst also analysing and engineering solutions for them.

The company has 20 people in total, 12 of them in the SOC, with further growth expected throughout this year as demand for their services, driven by their partnership-led approach, remains high.

They provide the following comprehensive suite of services:

Managed eXtended Detection and Response (MXDR) Complete
vCISO Service and Acumen Advisory Services
Cyber Threat Intelligence (CTI) Service
Enhanced Managed Security Suite
Incident Response Service
Security Posture Benchmarking Assessment

The person taking up this position is the first line of contact for a number of customers at any one time, depending on demand. At least 2 years' experience in another SOC environment is required to be considered for this role.

From a technical perspective they work with the following types of technologies. The more aligned experience you have, the stronger your candidacy, though not all are mandatory:

Develop detection logic and custom security rules within SIEM platforms (e.g., Elastic Security, Splunk, Sentinel)
Security Orchestration, Automation, and Response (SOAR) platforms and tools such as Palo Alto Cortex XSOAR, Tines, Splunk Phantom, or similar
Automation scripting and programming, particularly with Python
Relevant professional certifications (e.g., CISSP, GIAC certifications, or equivalent) are highly desirable
Relevant cloud security expertise (AWS, Azure, GCP)

They have an on-call rota, paid separately from base salary, which works out at 1 in 4 on average.

The role is paying up to £70,000 and is a hybrid role in Glasgow, just outside the city centre.

Apply today to find out more.

About the Company

MRG was formed in 2018, and in 2024 we're proud to have been named Europe's fastest growing recruitment company by the Financial Times. After 20 years' combined experience in recruitment, Iain McBride and Tracy McGrath decided to form their own recruitment business, and Mac Recruit Group was born. We work hard to ensure our service is individually tailored to both clients and candidates whilst never forgetting the foundations on which the company was formed. Our ethos is simple.... We offer a friendly and personal service...

Related Jobs

Company Name
Databricks
Job Title
Staff Security Engineer, Field Assurance
Job Description
RDQ326R19

We are seeking a Staff Security Engineer, Assurance Field Engineering, to join our Security organization. In this role, you will work side-by-side with Databricks' strategic customers, partner with our field, and support essential security programs. You will play a key role in evangelizing Databricks' comprehensive security program to our customers and the general market. This is a high-impact position that helps to meet customer security requests related to the output of our assurance team and the requirements of our customers' assurance teams. It is a unique role for a well-rounded, field-facing security professional with deep knowledge in the assurance space.

The Impact You Will Have
Build a direct and ongoing relationship with security teams at our top customers across the EMEA region (Europe, Middle East, and Africa) to support customer risk audits and periodic security reviews. This includes how Databricks can support customer compliance requirements with regional regulations, including DORA, the EU Cybersecurity Act, and GDPR frameworks.
Participate as a member of the field security team in strategic customer meetings by providing insights on security and compliance best practices that may be relevant to the EMEA region.
Enhance the visibility of assurance offerings by supporting and participating in market initiatives within the EMEA region.
Enhance the security questionnaire process to improve service levels and efficiency.
Contribute and participate in field activities such as webinars, conferences, blogs, etc.
Interpret customer feedback into technical product requirements to best support compliance with EMEA regulations.
Write high-level documents to update prospects and customers on relevant features and programs that successfully address regional compliance needs.

What We Look For
8+ years of architecture experience building, consulting to, or implementing technology risk programs
Well-versed in the overall challenges facing customers around our solutions' security, compliance, legal, and regulations, with an enhanced focus on the EMEA region
Experience solving complex problems, serving as a subject matter expert in security, and delivering impactful solutions across the company
Proficiency in various cloud service platforms and security areas, focusing on addressing unique customer security challenges throughout the EMEA region
Experience leading cross-functional teams to complete projects with multiple dependencies and constraints
Ability to build relationships with and manage diverse stakeholders remotely
Understanding of Data Science and Machine Learning concepts and applications
Outstanding presentation skills to both technical and executive audiences, whether impromptu on a whiteboard or using presentations and demos
Bachelor's Degree required; Master's Degree in computer science, engineering, mathematics or related fields, or equivalent experience preferred

About Databricks
Databricks is the data and AI company. More than 10,000 organizations worldwide, including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500, rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe, and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

Benefits
At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks.

Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
London, United Kingdom
On site
Full Time
09-05-2025
Company Name
TRM-International
Job Title
Network Security Engineer
Job Description
A financial trading company who work with global companies on front office trading systems and connectivity are looking to hire Security Engineers and DevOps specialists. The roles will encompass automation and compliance, incident response, web security, infrastructure security, platform engineering and technical support, including maintenance and support.

The ideal person will:
Be educated to degree level with a Computer Science or Engineering degree
Have DevOps engineering experience
Have security platform engineering experience
Understand ISO 27001 or SOC 2
Have strong infrastructure support experience, ideally gained in a financial trading environment or similar
Be able to automate cloud security

Excellent opportunity to work on cutting-edge financial and trading technologies alongside exceptional technologists that you can learn from.
London, United Kingdom
On site
Full Time
09-05-2025
Company Name
McGregor Boyall
Job Title
IT Security Manager
Job Description
IT Security Manager – £67,000 + Benefits

Looking for a technical, hands-on IT Security Manager to join a lean and growing security team. Requires a technical skillset, experience with the Microsoft security stack, and a diverse range of hands-on ability.

What You'll Be Doing:
Lead the technical implementation of ISO 27001 and Cyber Essentials Plus (CE+)
Manage and enhance the Security Operations Center (SOC), with one analyst reporting to you
Oversee incident response, managing security incidents from detection to resolution
Work closely with the compliance manager on vulnerability management
Architect secure solutions, validate baseline configurations, and recommend improvements to stay compliant
Collaborate with key stakeholders including Compliance and Infrastructure teams

Required Experience:
Microsoft security suite experience (Microsoft certifications are highly valued)
Familiarity with SIEM tools such as Microsoft Sentinel or similar
Experience managing network security and firewalls
Exposure to penetration testing methodologies or practices (desirable)
Experience with NAC solutions like Cisco ISE, Forescout, or similar
Strong grasp of vulnerability management processes

Desired Certifications:
Microsoft Security certifications (preferred)
CISM or CISSP (beneficial, not essential)

Apply now or reach out for a confidential chat: ngoren@mcgregor-boyall.com
Buckinghamshire, United Kingdom
On site
Full Time
09-05-2025
Company Name
Google
Job Title
Security Consultant, SIEM/SOAR, Mandiant
Job Description
Note: By applying to this position you will have an opportunity to share your preferred working location from the following: London, UK; Dublin, Ireland.

Minimum qualifications:
Bachelor's degree in Computer Science, Information Systems, Cyber Security, a related technical field, or equivalent practical experience
6 years of experience in a Detection Engineering or related role, working with EDR and SIEM technologies
Experience using multiple operating systems, directory service software, and document, spreadsheet, and presentation software
Experience with detection tuning and creation leveraging various security tools including SIEM, EDR, or NDR tools
Experience with Security Orchestration, Automation, and Response (SOAR) platforms

Preferred qualifications:
Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages
Experience with content engineering inside SIEM platforms (e.g., rule creation, advanced correlation searching, etc.)
Knowledge of scripting languages (e.g., PowerShell and Python)
Understanding of logging for common platforms and devices, including Linux and network equipment
Understanding of SIEM log flow, aggregation, and forwarding
Ability to engage and collaborate with client stakeholders and other groups within the customer environment to drive resolution for security issues

About The Job
In this role, you will be responsible for enabling the technology and tools required to accomplish daily tasks within a Cyber Defense Center (CDC). You will collaborate with multiple cross-functional teams such as Security Architects, Security Analysts, Client Information Technology (IT) resources, and other business resource owners, to define requirements and deliver recommendations focused on technologies required to support the client's CDC.

In addition, you will be responsible for maintaining the operational readiness of client Security Information and Event Management (SIEM), creating detection content, identifying areas for improvement, and setting appropriate configurations of the SIEM or related response technologies required for a client's Security Operations Center (SOC) to maintain effective incident detection and response capabilities. You will be developing and supporting automation playbooks within a client's Security Orchestration, Automation, and Response (SOAR) platform. You will work as a member of a technical team in a rapidly changing environment, administer a variety of information security technologies, learn new emerging technologies, and be passionate about protecting customer data and corporate assets from the threats facing multiple industries.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.

Responsibilities
Identify issues in customer cyber defense centers and formulate strategies for improvement, plan implementation of improvements, and execute/oversee plans to completion
Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in a technology-specific query language or the Sigma open signature format
Provide expertise for SIEM and other SOC technologies that assist in incident response
Measure and improve alert fidelity through metrics creation, tracking, responding to tuning requests, implementing incident-specific detection logic, etc.
Support development of automations and orchestration playbooks in client SOAR platforms

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
London, United Kingdom
On site
Full Time
09-05-2025