Role Overview

This role supports Security Operations Centre (SOC) activities, including monitoring, investigation, threat hunting, and incident response. The resource operates as a second line of defence, translating alerts into actionable findings and improving detection capability.

Core Responsibilities

• Perform L2 triage and investigation of security alerts across SIEM, EDR/XDR, email, identity, network, and cloud platforms
• Correlate events to identify root cause, scope, and impact of security incidents
• Investigate phishing, malware, account compromise, and unauthorised access cases
• Conduct proactive threat hunting using threat intelligence and MITRE ATT&CK
• Support containment, remediation, and recovery activities
• Contribute to SOC improvements (playbooks, detection tuning, onboarding of new tools)

Core Requirements

• Degree or Diploma in Cyb...