3998 IT & Software Developer jobs in the UK
C / C++ Developer Jobs in the UK
C / C++
.NET Developer Jobs in the UK
C#.NET
Data Science & Engineering Jobs in the UK
Data
Golang Developer Jobs in the UK
Golang
Java Developer Jobs in the UK
Java
JavaScript Developer Jobs in the UK
JavaScript
Mobile app Developer Jobs in the UK
Mobile
PHP Developer Jobs in the UK
PHP
Python Developer Jobs in the UK
Python
Ruby on Rails Developer Jobs in the UK
Ruby
SAP Developer Jobs in the UK
SAP
System Engineer Jobs in the UK
System
DevOps Engineer Jobs in the UK
DevOps
IT & ICT Jobs in the UK
IT
Database Developer Jobs in the UK
Database
QA, Software Tester Jobs in the UK
QA, Test
Machine-Learning Developer Jobs in the UK
ML, AI
Security Engineer Jobs in the UK
Security
Network Engineer Jobs in the UK
Network
GameDev Developer Jobs in the UK
GameDev
Blockchain Developer Jobs in the UK
Blockchain
UI / UX Designer Jobs in the UK
UX, UI
Architect Specialist Jobs in the UK
Architect
Product / Project Manager Jobs in the UK
Business
IT Management Jobs in the UK
Manager
IT Support Jobs in the UK
Support
Rust Developer Jobs in the UK
Rust
Hardware Engineer Jobs in the UK
Hardware
No-Code Developer Jobs in the UK
No-Code
remote
London
Belfast
Birmingham
Bradford
Brighton
Bristol
Cambridge
Cardiff
Coventry
Edinburgh
Exeter
Glasgow
Leeds
Leicester
Lincoln
Liverpool
Manchester
Milton-Keynes
Newcastle
Norwich
Nottingham
Oxford
Plymouth
Portsmouth
Preston
Reading
Sheffield
Southampton
Sunderland

Robert Walters jobs

Remote L3 SOC Analyst - Microsoft XDR/Sentinel

£43,500 - 73,500
Robert Walters
St Martin's Courtyard, London + Remote
£43,500 - 73,500
Company Size icon
Company Size
1k-5k
Company Type icon
Company Type
Services
Exp Level icon
Exp Level
Senior
Job Type icon
Job Type
Full-Time
Language icon
Language
English
Visa sponsorship icon
Visa sponsorship
No

Requirements

Must:
- Extensive hands-on experience with Microsoft Sentinel (SIEM) and Microsoft Defender XDR (formerly M365 Defender) - Strong proficiency in KQL, analytic rule creation, hunting queries, custom detection engineering, and automation - Deep understanding of Windows, Azure AD / Entra ID, M365, network security, and cloud workloads - Advanced knowledge of attacker TTPs, threat intelligence sources, and MITRE ATT&CK mapping - Proven experience leading major incidents in an enterprise SOC environment - Strong understanding of SOAR automation and experience building Logic Apps-based playbooks - Ability to interpret log data from diverse sources and build correlation logic that reduces false positives - Experience with PowerShell, Python, or tooling integration for enrichment and automation (are strong advantages) - Familiarity with EDR tuning, threat intelligence platforms, and cloud workload security (Azure/AWS/GCP) - Excellent analytical, documentation, and communication skills

Technologies

AWS
Azure
Cloud
GCP
Support
Network
Office 365
PowerShell
Python
Security
Windows
Business

Responsibilities

- Lead and manage high-severity security incidents from identification through containment, eradication, recovery, and post-incident reporting - Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity - Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection use cases to improve SOC detection capability - Act as a subject matter expert for the Microsoft security ecosystem, including Defender for Endpoint, Office 365, Identity, Cloud Apps, Defender for Cloud, and Azure security controls - Create and maintain Kusto Query Language (KQL) queries, automation workflows, and enrichment logic to enhance detections and investigation efficiency - Support purple-team activities, threat modelling, and attack-simulation scenarios aligned to MITRE ATT&CK - Provide technical escalation support and mentorship to L1/L2 SOC analysts - Perform root-cause analysis, identify systemic issues, and drive continuous improvement across SOC processes - Collaborate with engineering, cloud, and cybersecurity teams to enhance log ingestion, telemetry quality, and SIEM/SOAR architecture - Produce clear, structured incident reports, threat briefs, and stakeholder updates

Description


We are a reputable global client seeking an experienced L3 SOC Analyst with expertise across the Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You will be handling incident response, threat detection, threat hunting, leading complex investigations, and developing advanced detection content. Join our dynamic team and be part of an exciting journey in enhancing our cybersecurity capabilities.
Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the UKProduct / Project Manager jobs in the UKRemote Product / Project Manager jobs
You can find Business Specialist salaries in the UK here.

How many Business Specialist jobs are in the UK?

Currently, there are 3998 Business openings. Check also: Project-Manager jobs, Product-Manager jobs, CRM jobs - all with salary brackets.

Is the UK a good place for Business Specialists?

The UK is one of the best countries to work as a Business Specialist. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Business Specialist jobs in the UK?

Arctic Shores, SwapTix, Bestway Group, HM Land Registry, Companies House, FCDO Services, TBG Solutions Ltd among others, are currently hiring for Business roles in the UK.

The company with most openings is Experis as they are hiring for 110 different Business Specialist jobs in the UK. They are probably quite committed to find good Business Specialists.