Protect customers. Respond with precision. Help shape the future of our SOC.
Intercity is looking for a driven and detail-oriented Security Operations Analyst to join our growing Security Operations Centre (SOC). This is a hands-on role at the heart of our security services, where you’ll be responsible for monitoring, analysing, and responding to security incidents for our customers using Microsoft’s leading security technologies.
You’ll work closely with senior analysts and engineers, playing a key role in incident response while also contributing to the continuous improvement and evolution of our SOC services.
About The Role
As a Security Operations Analyst, you will:
- Provide day-to-day monitoring and initial response for SOC customers in line with Intercity’s Security Incident Response Framework.
- Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately.
- Analyse multiple security data sources to detect malicious activity and support containment actions.
- Communicate clearly and professionally with customers and third parties where security risks are identified.
- Work with Senior Security Analysts to identify threat patterns and recommend strategies to reduce risk across customer environments.
- Contribute to the ongoing development of the SOC service through:
- Tuning detection rules within Microsoft Sentinel
- Improving automation and ticket workflows
- Identify vulnerabilities within Microsoft Defender 365 and support customers in improving their overall security posture.
Essential Experience & Knowledge:
- Strong, demonstrable experience with:
- Microsoft Azure
- Microsoft Sentinel
- Microsoft Defender for 365
- Proven experience investigating and responding to security incidents.
- Solid understanding of Microsoft cloud security controls, tools, and technologies.
- Ability to analyse cloud security risks and recommend appropriate controls.
Desirable Experience:
- Understanding of Log Ingestion and Log Analytics.
- Familiarity with the MITRE ATT&CK framework.
Certifications:
Essential
- Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
- Microsoft Certified: Security Operations Analyst (SC-200)
Desirable
- Microsoft Certified: Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Administering Information Security in Microsoft 365 (SC-401)
- Microsoft Certified: Azure Administrator (AZ-104)
Skills & Behaviours
- Takes ownership with a can-do attitude.
- Calm and methodical in high-pressure situations.
- Strong attention to detail and analytical thinking.
- Amiable, flexible, and collaborative team player.
What We Offer:
- 33 days holiday (inclusive of bank holidays), with entitlement increasing by one day for each full calendar year employed, up to a maximum of five days.
- Annual pay reviews.
- Holiday buy scheme.
- All-company bonus scheme.
- Death in service cover.
- Employee assistance programme.
- Company pension.
- Active social calendar.
- A strong focus on developing our people.