Senior SOC Analyst (24/7 Shift) - Public Sector

IBM

IT

United Kingdom · Hursley, UK

Posted on Jun 30, 2026

Introduction

At IBM Consulting UK FutureNow, you’ll build a career at the forefront of hybrid cloud and AI, working with leading clients across the public and private sectors.

You’ll collaborate with top industry professionals, gain hands-on experience with cutting-edge technologies, and deliver solutions that create real business impact. From day one, you’ll work on meaningful, high-profile programmes that stretch your skills and accelerate your growth.

We invest heavily in you, supporting continuous learning, in-demand skills development, and long-term career progression. You’ll thrive in a flexible, inclusive environment that values curiosity, encourages reinvention, and recognises what makes you unique.

We offer:

  • Tools and policies to support your work-life balance, including flexible working approaches, sabbatical programs, paid paternity leave, maternity leave and an innovative maternity returners scheme
  • More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Program, life assurance and a group pension plan through salary sacrifice.

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Your role and responsibilities

As a Technical Consultant specialising in Threat Detection, Response & Intelligence, you will support and lead the monitoring, detection, and initial response to cyber security threats within a 24×7 SOC consulting environment.

You will play a key role in maintaining operational excellence on shift, supporting incident investigation, and ensuring consistent delivery of high-quality security operations across client environments.

Working across SIEM platforms, security tooling, and incident response workflows, you will help ensure threats are identified, triaged, and escalated effectively, while contributing to the continuous improvement of SOC processes and capabilities.

This is a hands-on operational role with responsibility for incident leadership, team support, and quality assurance, alongside exposure to client environments and senior stakeholders.

Key Responsibilities:

• Monitor, triage, and investigate security alerts and incidents across a range of SIEM and security platforms
• Lead or support incident response activities, including:
  o Initial investigation
  o Containment coordination
  o Escalation to relevant teams
• Act as a senior presence on shift, supporting Tier 1/2 analysts and ensuring smooth SOC operations
• Drive incident quality and consistency, ensuring playbooks and procedures are followed
• Support major incident initiation and coordination, including communication across technical and non-technical stakeholders
• Analyse security events and identify:
  o Patterns
  o Threat behaviours
  o Opportunities for improvement
• Contribute to playbook development and refinement, improving SOC efficiency and response capability
• Work with detection and engineering teams to:
  o Improve alert quality
  o Reduce false positives
  o Support operational effectiveness
• Produce clear and structured incident reports and handovers
• Participate in shift handovers, retrospectives, and continuous improvement activities
• Support client interactions where required, providing updates and operational insights

Required education

None

Preferred education

Bachelor's Degree

Required technical and professional expertise

Required Professional and/or Technical Expertise:

• Proven experience working in a SOC environment (L2 / L3 level) within a 24×7 operational setting
• Strong experience with SIEM platforms, such as:
  o Microsoft Sentinel, QRadar, Splunk, Elastic or similar
• Practical experience in:
  o Incident triage and investigation
  o Security event analysis
  o Alert validation and escalation
• Understanding of:
  o Incident response processes and workflows
  o Threat detection methodologies
• Exposure to security tooling, such as:
  o EDR/XDR platforms
  o Network security technologies
  o Identity and access systems
• Ability to interpret logs and identify suspicious behaviour across:
  o Endpoints
  o Networks
  o Cloud environments
• Strong communication skills, with the ability to clearly articulate incidents and risks
• Experience working in client-facing or service-based environments

This role is subject to pre-employment screening in line with the UK Government’s Baseline Personnel Security Standard (BPSS). An additional range of Personal Security Controls referred to as National Security Vetting (NSV) may apply; this could include meeting the eligibility requirements for the Security Check (SC) or Developed Vetting (DV).

Preferred technical and professional experience

Preferred Professional/Technical Expertise:

• Experience acting as a shift lead or senior escalation point within a SOC
• Exposure to threat hunting or detection improvement activities
• Experience working with:
  o MITRE ATT&CK
  o Threat intelligence integration
• Familiarity with SOAR platforms and automated response workflows
• Relevant certifications such as:
  o SC-200
  o GCIH / GIAC
  o Vendor SIEM certifications
• Experience working in regulated or public sector environments
• Understanding of SOC performance metrics and continuous improvement approaches

ABOUT BUSINESS UNIT

IBM Consulting is IBM’s consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients’ businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.

YOUR LIFE @ IBM

In a world where technology never stands still, we understand that dedication to our clients' success, innovation that matters, and trust and personal responsibility in all our relationships live in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you’ll be able to learn and develop yourself and your career. You’ll be encouraged to be courageous and experiment every day, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth-minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide ongoing feedback to help other IBMers grow, as well as to collaborate with colleagues, keeping in mind a team-focused approach that includes different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions every day is essential to IBM becoming the catalyst for progress, always embracing challenges with the resources they have to hand and a can-do attitude, and always striving for an outcome-focused approach in everything that they do.

Are you ready to be an IBMer?

ABOUT IBM

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 500 companies relying on the IBM Cloud to run their business.

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

OTHER RELEVANT JOB DETAILS

IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.