L3 SOC Analyst (Cyber Security Consultancy)

Glasgow (Hybrid)
Full-time | 24/7 SOC Environment (includes occasional out-of-hours work)
£55,000 – £70,000 + benefits (depending on experience)


We’re working with a leading cybersecurity consultancy to recruit an experienced L3 SOC Analyst to join their growing Security Operations Centre team.

This is a fantastic opportunity to play a key role in defending a diverse client base against advanced cyber threats, while also mentoring junior analysts and shaping SOC capabilities.


The Role

As an L3 SOC Analyst, you’ll act as a senior escalation point within a 24/7 SOC, leading complex investigations and driving incident response activities. You’ll work closely with threat intelligence, engineering, and client teams to continuously improve detection and response capabilities.


Key Responsibilities

  • Act as the final escalation point for security incidents and alerts
  • Lead and coordinate incident response for high-severity threats
  • Perform advanced threat hunting and forensic investigations
  • Analyse logs from SIEM, EDR, NDR, and cloud security tools
  • Develop and refine detection rules and use cases
  • Support SOC maturity improvements and playbook development
  • Mentor and support L1/L2 analysts
  • Produce detailed incident reports and client-facing communications

Skills & Experience Required

  • Proven experience in a SOC environment (L2/L3 level)
  • Strong hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar)
  • Experience with EDR/XDR tools (e.g., CrowdStrike, Defender, Carbon Black)
  • Solid understanding of threat detection, incident response, and MITRE ATT&CK
  • Experience in threat hunting and log analysis
  • Knowledge of network protocols, endpoints, and cloud environments
  • Scripting skills (Python, PowerShell, or similar) are desirable
  • Relevant certifications such as GCIA, GCIH, CySA+, or CISSP are a plus

What’s on Offer

  • Competitive salary (£55k–£70k depending on experience)
  • Hybrid working model (Glasgow-based)
  • Exposure to a wide range of clients and industries
  • Opportunity to work with cutting-edge security technologies
  • Clear progression into SOC Lead / Threat Hunting / Incident Response roles
  • Ongoing training and certification support

Additional Information

  • This role operates within a 24/7 SOC, so some out-of-hours work and shift flexibility will be required
  • Candidates must have the right to work in the UK