Senior SOC Analyst

Date: 9 Jul 2024

Location: London, GB, S1 1AA

Company: Royal Mail Group

Royal Mail


Role Title: Senior SOC Analyst

Location: London or Sheffield (Hybrid) 


What will you do? 


As a Senior SOC Analyst at Royal Mail Group, you will act as the primary analyst taking responsibility for the security monitoring of key technologies across the RMG estate.


You’ll be familiar with a range of SIEM technologies and be comfortable with both graphical interface and scripting language. Providing effective analysis and triage and handling of security information and events, you will also act as a point of escalation for less experienced Security Analysts, providing guidance and mentoring.


You will take the lead in updating/developing, implementing, and operating requisite processes and procedures. Developing and configuring use cases and alerting rules within SIEM technologies. You will also develop and present appropriate KPI, KRI and other requisite reporting to the SOC Team Lead and Head of Security Operations and act as an SME for projects and initiatives relevant to the role.


You will liaise closely with RMG technology teams to ensure the correct response and remediation of security information and events. Also liaising closely with RMG third party suppliers to ensure the correct response and remediation of security information and events.


What skills and experience should you have? 


  • Experience in a SOC, ideally gained in a large, complex corporate environment.
  • In depth knowledge of SIEM technologies, their configuration and operation and demonstrable SIEM scripting language experience, such as KQL, SPL, etc.
  • Strong understanding of the principles and practical's of effectively triaging security events.
  • Experience of threat-based security operations, using industry standard frameworks.
  • Experience of incident runbook and playbook development.
  • Evidence with EDR tooling.


Nice to have experience… 


  • Project delivery experience in an Agile environment
  • SOAR development
  • Scripting or programming language (e.g. PowerShell, Bash, Python)
  • Operational technology exposure
  • Threat intelligence gathering and application.
  • Threat hunting execution
  • Metrics creation and presentation.
  • Technical and professional qualifications relevant to security incident response e.g. SANS GCIH or GCFA, or Certified Incident Responder


What we offer you… 

  • Competitive Salary 
  • 18% Bonus 
  • Competitive Pension Scheme 
  • Car allowance (or cash alternative) 
  • Hybrid Working (2-3 days in office) 
  • Private Healthcare 
  • 25 days holiday (plus the option to buy more) 
  • Plus, many more benefits! 


Interview process and next steps… 


We aim to move as quickly as possible! If your application is successful, you will be contacted by one of our recruitment team who will discuss the two-stage interview process with you.  


We don’t expect every candidate to meet the full criteria for the role. If your experience looks a little different from the job requirements, but you feel you have the relevant skills to bring value to the role, we’d love to learn more about you.


We are happy to support your need for any adjustments during the application and hiring process. Please share the details within your application if required.