What You’ll Do

• Deploy, configure, and maintain IBM QRadar SIEM solutions.
• Onboard and normalise log sources across both cloud and on-premise environments.
• Develop and optimise analytical rules for advanced threat detection and behavioural analysis.
• Design and implement incident response playbooks and integrate them with SOAR platforms to automate triage and response.
• Conduct threat modelling exercises (MITRE ATT&CK, STRIDE, Cyber Kill Chain) and translate them into actionable use cases.
• Perform in-depth investigations, coordinate incident response, and collaborate with threat intelligence teams.
• Produce dashboards, reports, and insights on security posture and incident trends.
• Support scoping and demonstrations of SOC tools for new opportunities.
• Mentor junior analysts and contribute to continual service improvements.

What We’re Looking For

• 3+ years experience in SOC/NOC Environments
• Strong experience with SIEM - IBM QRadar.
• Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell).
• Solid understanding of threat detection, incident response, vulnerability management, and penetration testing.
• Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS.
• Strong communication and presentation skills, with the ability to work across technical and business teams.
• Relevant certifications (e.g., CISSP, GIAC, SC-200, Splunk, IBM QRadar Specialist, Chronicle Security Engineer) are advantageous.
• Cloud security knowledge (AWS, Azure) and ITIL processes is desirable.
• Ability to participate in a 24/7 on-call rota.

Base pay range: Up to £80,000 (depending on experience) + bonus

Eligibility: Candidates must be eligible for UK Security Clearance

Employment type: Full-time

Seniority level: Mid-Senior level

Job function: Consulting

Industries: IT Services and IT Consulting and Computer and Network Security