SOC Security Analyst

SOC Security Analyst Job review UK

Cyber Security is a subject on virtually everyone’s mind to one extent or another. Businesses are increasingly aware of Cyber Security threats and are looking at ways to mitigate the risks. The SOC Security Analyst is critical in achieving this as more Security Centres come online. These centres are deployed either directly by the business itself or as a Managed Security Service.

Depending on the size and scale of the business, the SOC will have a significant resource requirement and in particular the mainstay of the SOC is the SOC Security Analyst.

The SOC Security Analyst is a role that is in great demand, and this demand is set to increase. With a severe Cyber Security talent shortage in the market, this is a great entry point to a very promising career. It’s estimated that global jobs in Cyber Security will hit 6 million by 2019 but, more importantly, with an expected shortfall of around 1.5 million. As a result of this, Forbes claims that 40,000 security analyst roles go unfilled in the USA. (At this time I don’t have figures for the UK but it’s safe to say there is over-demand.)

The role of the SOC Security Analyst can be quite broad and, depending on the size and makeup of the SOC, there will be several role types. These will mostly be defined by a person’s experience and the IT skills and Cyber Security skills they have acquired, and they range from Entry Level through to SOC Manager.

The basic Entry Level requirement would usually be an appropriate BSc or MSc degree, ideally in an IT or Computer Science subject, in order to provide a general IT skill set. This might include working with Operating Systems such as Linux, Windows or Mac, Network Administration tools, TCP/IP, Virtualisation, knowledge of Cloud Architecture, Security Processes and Methodologies, and Technical Solutions, which should include a level of understanding of Firewalls, IDS, IPS, DDoS, SIEM, Anti-Virus and Malware, etc.

It might also include programming skills such as Java, C, C#, Python, Perl, SQL, etc.

At entry level it’s unlikely that the person will have any specific security certification. However, it is important that anyone wanting to make a career path in Security should be working towards one or more security certificates. These could include CISSP, CISM, GCIA and GCIH. For someone looking to have a long-term career in Cyber Security, this ongoing training and certification is essential.

The role of the analyst will range from:

Entry level, 1st Line

Reviewing the latest alerts to determine relevancy and urgency; running vulnerability scans and reviewing vulnerability assessment reports; managing and configuring security monitoring tools.

2nd Line

Reviewing trouble tickets; leveraging emerging threat intelligence; identifying affected systems and the scope of an attack; reviewing and collecting various security related data on these systems; determining and directing remediation and recovery.

3rd Line

Reviewing security and vulnerability assessment data; identifying stealthy threats that may have found their way inside the network; using the latest threat intelligence information; conducting penetration testing of systems to validate and identify areas of weakness; recommending optimisation of security monitoring tools.

Management

Supervising the SOC team; ongoing recruitment and training of SOC people; staff assessment; managing the escalation process; reviewing incident reports; compliance reporting and audit process reporting; developing and executing threat and risk assessment plans and communicating them to management and stakeholders.

Salaries

The UK salary range is broad and will depend upon location.

Analysts can range in experience from entry level through to several years’ experience and management.

Entry Level, Level 1 Analyst

Salaries start from £18k through to around £32k base.

A Level 1 Analyst may join directly from university or may have moved across from another IT-related entry level role. Support engineer or network engineer roles are good examples of an entry path to becoming a SOC Security Analyst. They will gain experience at this level and probably obtain initial Security qualifications to support their advancement to Level 2.

Some individuals may be given team leadership responsibility prior to advancement.

Level 2 Analyst (Incident Response)

Salaries generally range from around £28k up to £35k, or £40k if based in or around London.

These are experienced analysts and will have received security training. They will have at least one security-related certificate such as GCIH, GCIA or GCFE. The Level 2 Analyst will usually range in experience from 2 years to 5 years and may be given team leader or coaching/mentoring responsibilities, which will help them develop their own skills further. As they progress they will be expected to gain additional levels of certification in order to move their career forward and to stay up to date with industry changes. This may include higher levels of their current qualifications as well as adding additional qualifications such as CEH, CISM, CISSP, etc.

Level 3 Analysts (Hunting out the threat)

For higher skilled and more experienced analysts, salaries range up to £60k and possibly higher. The top end of this range may see the person take on team lead duties or management duties. The difference for people at this level is that they will have more security-related qualifications and greater experience (not just in years but in responsibility). Level 3 Analysts are normally very capable and able to work on their own with little or no supervision. They will take more responsibility for larger events, incidents and projects that require a team response, and they will mentor more junior level analysts, etc.

It is not unusual for there to be a bonus component to these salaries of between 5% and 15%, and there will be additional pay for Out of Hours work, Call Outs and on-call allowance, as with most tech-related roles.

SOC Manager

Salaries above £60k base are usually managerial, i.e. SOC Manager or ‘Head of’, and can range from £60k or £65k, which are typical for a recently appointed manager, up to £120k base or more for a Security Director, for example.

Virtually all managerial salary levels would usually include a substantial performance-related bonus, which is typically 20% to 30% of the base salary.

In all cases salaries will have a geographical component, with London usually attracting the larger salaries, but this also relates to other larger cities such as Birmingham and Manchester. Salaries in London can be as much as 20% to 40% higher than in some of the more outlying regions. The South East of the country generally attracts higher salaries, so the Thames Valley will usually be around 90% to 95% of London salaries, with Birmingham and Manchester not far behind this. This salary divergence is general for all industry but seems to be greater for the technology jobs market.

Ongoing Prospects and Career options

Cyber Security in particular is seeing a trend of salaries increasing above the norm, due mostly to the very high demand for scarce talent, and it is therefore attracting a lot of interest at entry level. Prospects for anyone in this industry are very good and will continue to get better along with the increased security threat. However, it is also very demanding and requires high academic levels and constant training, re-skilling, certification and maintenance of certificates.

SOC Security Analyst Career Path Options

The next logical career steps for a Security Analyst include:

    • Security Architect
    • Security Engineer
    • Security Manager
    • Security Consultant

From there the next move is toward senior and executive management:

  • Security Director
  • CISO

 
