Find your next cybersecurity opportunity


Tier 1 SOC Analyst

NCC Group

NCC Group

Remote · United Kingdom
Posted on Thursday, August 17, 2023

Role: R1 SOC Analyst

Location: Remote UK

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business…

The Opportunity

The R1 Analyst plays a vital role in the Security Operations Centre (SOC), contributing to the organization's overall cybersecurity posture by actively participating in the monitoring, analysis, and response to security incidents and events. With a focus on continuous learning and collaboration, the R1 Analyst supports the SOC team in identifying, assessing, and mitigating potential security threats and vulnerabilities.

Through the application of foundational technical skills and a strong dedication to detail-oriented analysis, the R1 Analyst assists in safeguarding the organization's critical systems, data, and assets from cyber risks. By working closely with senior analysts and leveraging emerging technologies, the R1 Analyst helps maintain a vigilant and proactive defence against evolving cyber threats, enabling the organization to operate securely and with confidence.

Key Accountabilities:

  • Monitor health and security alerts and events from various sources including security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other monitoring tools.

  • Conduct initial triage of security incidents to assess their severity and potential impact on the organization.

  • Document and maintain incident details, including initial findings, actions taken, and any relevant evidence.

  • Communicate findings and recommendations clearly and concisely to technical and non-technical audiences.

  • Initiate escalation procedure to counteract potential threats, vulnerabilities and threat actors both internally and externally.

  • Collaborate with other SOC team members, IT staff, and relevant stakeholders to effectively respond to security incidents.

  • Provide customer service that exceeds our customers’ expectations at all times.

  • Contribute to the creation and maintenance of security documentation, including incident response playbooks, standard operating procedures, and knowledge base articles.

  • Document and conform to processes related to security monitoring procedures.

  • Compilation and review of service focused reporting.

  • Perform other duties as assigned.

Minimum Requirements

  • Relevant certifications such as CompTIA Network+, Security+.

  • Basic understanding of networking protocols, operating systems, and security technologies.

  • Familiarity with security tools such as SIEM, IDS/IPS, antivirus, and vulnerability scanning tools.

  • Ability to interpret and analyze security logs and events generated by various systems.

  • Flexibility to quickly learn and adapt to new security tools, technologies, and processes.

  • Strong analytical and problem-solving skills.

  • Good communication skills, both written and verbal.

  • Ability to work collaboratively as part of a team.

Desirable Requirements

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).

  • Relevant certifications such as CompTIA CySA+, GCIH, CSA, CEH.

  • Hands-on experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, ELK Stack, IBM QRadar) and their use in aggregating and analyzing security event data.

  • Proficiency with security tools such as intrusion detection/prevention systems (IDS/IPS), antivirus, endpoint detection and response (EDR), and vulnerability scanning tools.

  • Familiarity with scripting languages (e.g., Python, PowerShell) for automation and analysis tasks.


  • Client-Focused: Prioritizes client needs and expectations, ensuring that all actions and decisions lead to client satisfaction and success.

  • Collaborates as ‘One NCC’: Works in unison with all departments and teams, fostering a united front and shared objectives across the entire organisation.

  • Adds Value: Goes beyond the minimum requirements to provide solutions and contributions that enhance the customer’s success and growth.

  • Enables and Empowers: Provides tools, resources, and support to team members, fostering an environment where they can thrive and excel.

  • Personal Responsibility: Takes ownership of actions, decisions, and outcomes, acknowledging successes as well as areas for improvement.

  • Communicates Openly and Respectfully: Shares information transparently while maintaining respect and consideration for all stakeholders.

  • Open Mindset: Embraces new ideas, diverse perspectives, and is willing to adapt in response to evolving situations or feedback.

  • Growth and Development: Actively seeks opportunities for personal and professional growth, championing learning and evolution for oneself and the organisation.

  • Analytical Thinking: Demonstrates a systematic approach to resolving issues and identifying improvements.

  • Collaboration: Works effectively across various teams and fosters a collaborative environment.

  • Proactive Nature: Anticipates potential service issues or user needs and acts on them before they escalate.

  • Continuous Learning: Shows a commitment to personal and professional growth and keeps up with the latest trends and practices.

  • Customer-Centric: Always considers the end-user's experience and strives to enhance the quality of IT services delivered.

  • Problem-Solving: Demonstrates resilience in finding solutions to complex challenges.

  • Adaptability: Remains flexible and positive in a constantly evolving environment and handles change constructively.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles. Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.

If you do not want us to retain your details please email All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.