Security Monitoring & SIEM Analyst
Location: Berkshire (Onsite)
Salary: £45,000 - £60,000 + excellent benefits & training
Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only)
________________________________________
Company Overview
An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments.
Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats.
________________________________________
Role Overview
As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling.
This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities.
You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response.
________________________________________
Key Responsibilities
* Monitor, analyse, and investigate security alerts across SIEM and security tooling
* Conduct detailed investigations across log, endpoint, identity, and network telemetry
* Develop and optimise detection logic and SIEM queries to improve alert fidelity
* Analyse security events and correlate activity across multiple data sources
* Support incident response activities, including containment, escalation, and remediation
* Perform IOC analysis, enrichment, and validation using threat intelligence sources
* Identify gaps in detection capabilities and contribute to continuous improvement
* Work closely with infrastructure, SOC, and incident response teams to enhance response capability
* Produce clear and structured investigation reports and escalation summaries
________________________________________
Skills & Experience Required
Core SIEM & Detection Skills
* Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic)
* Experience writing and tuning queries using:
o Kusto Query Language (KQL)
o ES|QL / Kibana Query Language
o Splunk SPL
* Understanding of event correlation, alerting, and detection use-case development
________________________________________
Technical Foundations
* Strong knowledge of:
o Linux and Windows operating systems
o Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs)
* Experience analysing logs across:
o Endpoint, identity, network, and cloud environments
________________________________________
Threat Detection & Security Tooling
* Strong knowledge of:
o EDR/XDR concepts and workflows
o IDS/IPS technologies and signature-based detection
* Experience working with tools such as:
o Microsoft Defender, CrowdStrike, SentinelOne, or similar
________________________________________
Threat & Adversary Knowledge
* Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry
* Familiarity with MITRE ATT&CK framework
* Evidence of staying up to date with:
o Emerging threats
o Adversary tradecraft
o Defensive techniques
________________________________________
Incident Handling & Investigation
* Experience handling security incidents through:
o Detection and triage
o Investigation and analysis
o Handover to Incident Response teams
* Strong understanding of:
o Incident management processes
o Host-based forensic concepts
* Ability to apply post-incident review (PIR) learnings to improve detection and response
________________________________________
Desirable Experience
* Experience within a SOC or cyber defence environment
* Exposure to threat hunting or detection engineering
* Experience in high-security or regulated environments
________________________________________
Certifications (Beneficial)
* Microsoft SC-200 (Security Operations Analyst)
* GIAC / SANS certifications (GCIH, GCIA, GCED, etc.)
* CREST (CPIA, CRIA, CCTIA, CCBTP)
* Other recognised cyber security certifications
________________________________________
Why Join?
* Work within a mature Security Operations environment
* Exposure to advanced SIEM tooling and large-scale environments
* Strong investment in training, certifications, and progression
* Opportunity to develop into:
o Senior SIEM Analyst
o Detection Engineer
o Threat Hunter
________________________________________
About Adecco
Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.
________________________________________
Keywords
SIEM Analyst, Security Monitoring Analyst, SOC Analyst, Cyber Security Analyst, Microsoft Sentinel, Splunk, Elastic SIEM, KQL, SPL, ES|QL, Threat Detection, Incident Response, EDR, IDS/IPS, MITRE ATT&CK, Cyber Defence
:quality(80))
:quality(80))
:quality(80))