SECURITY ANALYST III - SOC
Tesco
SECURITY ANALYST III - SOC
Job Description
As a Security Analyst III, you will be the technical authority within the SOC, leading high-quality investigations and proactive threat hunting to protect the organisation from evolving threats. This hands-on role combines advanced technical expertise with leadership, coaching analysts, driving SOC maturity, and optimising tools and processes to set the standard for excellence across the team.
You will act as a role model for SOC Analysts, coaching and guiding them to elevate technical capability and analytical rigour. Beyond day-to-day operations, you will lead maturity objectives, optimise SOC tooling, and identify opportunities for automation, AI integration, and impactful service improvements. You will also play a key role within the CSIRT team, collaborating on major incidents.
- Deliver high-quality investigative analysis to ensure rapid and accurate incident resolution.
- Act as the escalation point and technical authority for complex SOC investigations.
- Lead proactive threat-hunting initiatives to identify and mitigate emerging threats before they impact the business.
- Role-model analytical excellence and decision-making, setting the benchmark for SOC performance.
- Coach and mentor analysts to build technical depth and confidence across the team.
- Drive SOC maturity objectives, improving processes, tooling, and automation for greater efficiency.
- Enhance SOC tool utilisation, including workflow optimisation.
- Identify and implement automation, AI-driven enhancements, and playbook developments.
- Support CSIRT activities during major incidents, ensuring coordinated and effective response.
- Monitor MSSP performance, ensuring alert triage and investigations meet quality and timeliness standards.
- Over 2 years’ experience working in an internal SOC or 3 years at an MSSP in a senior role.
- Deep knowledge of cybersecurity frameworks: MITRE ATT&CK, Cyber Kill Chain, Incident Response Lifecycle, Pyramid of Pain.
- Expertise in threat hunting and advanced investigative analysis.
- Deep understanding of attacker tactics, techniques, and procedures (TTPs) and threat actor behaviours.
- Proficiency in SIEM/XDR platforms and tuning detection logic, use cases, and alert optimisation.
- Advanced querying and scripting skills (e.g., KQL, SPL) for data analysis and threat detection.
- Ability to recommend tooling enhancements and process improvements to strengthen SOC capability.
- Practical knowledge of networks, operating systems, and scripting for investigative purposes.
- Experience in leading technical initiatives and driving service maturity improvements.
- Demonstrated ability to coach and develop team members, fostering technical excellence.
- GIAC certifications
- Other relevant certifications such as CISSP or CISM will be considered.
- A relevant degree, with professional experience.
- In case you don’t hold these certifications/qualifications, proven experience and formal training in SOC operations, incident response, and threat analysis are essential.
Tesco Technology was established in Prague to support Tesco’s retail business in Central Europe and across the Tesco Group. What began as a regional center over 25 years ago has evolved into a modern, forward-thinking team, driving innovation and digital transformation throughout the region.
With operations in the UK, Ireland, India, Hungary, Poland, and the Czech Republic, we’re committed to delivering great value to our customers every day.
Let’s {code} the future together at {Tesco Technology}!
Locations
- Czechia
Salary
Estimated Salary Rangemedium confidence
40,000 - 70,000 EUR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- Deep knowledge of cybersecurity frameworks: MITRE ATT&CK, Cyber Kill Chain, Incident Response Lifecycleintermediate
- Advanced technical expertise in SOC operationsintermediate
- Proactive threat huntingintermediate
- Tool optimisation and automationintermediate
- AI integrationintermediate
- Coaching and mentoring analystsintermediate
- Monitoring MSSP performanceintermediate
Required Qualifications
- Over 2 years’ experience working in an internal SOC or 3 years at an MSSP in a senior role (experience)
Responsibilities
- Deliver high-quality investigative analysis
- Act as escalation point and technical authority for complex investigations
- Lead proactive threat-hunting initiatives
- Role-model analytical excellence
- Coach and mentor analysts
- Drive SOC maturity objectives
- Enhance SOC tool utilisation
- Identify and implement automation and AI enhancements
- Support CSIRT activities during major incidents
- Monitor MSSP performance
Tags & Categories
Answer 10 quick questions to check your fit for SECURITY ANALYST III - SOC @ Tesco.
10 Questions
~2 Minutes
Instant Score
SECURITY ANALYST III - SOC
Tesco
SECURITY ANALYST III - SOC
Job Description
As a Security Analyst III, you will be the technical authority within the SOC, leading high-quality investigations and proactive threat hunting to protect the organisation from evolving threats. This hands-on role combines advanced technical expertise with leadership, coaching analysts, driving SOC maturity, and optimising tools and processes to set the standard for excellence across the team.
You will act as a role model for SOC Analysts, coaching and guiding them to elevate technical capability and analytical rigour. Beyond day-to-day operations, you will lead maturity objectives, optimise SOC tooling, and identify opportunities for automation, AI integration, and impactful service improvements. You will also play a key role within the CSIRT team, collaborating on major incidents.
- Deliver high-quality investigative analysis to ensure rapid and accurate incident resolution.
- Act as the escalation point and technical authority for complex SOC investigations.
- Lead proactive threat-hunting initiatives to identify and mitigate emerging threats before they impact the business.
- Role-model analytical excellence and decision-making, setting the benchmark for SOC performance.
- Coach and mentor analysts to build technical depth and confidence across the team.
- Drive SOC maturity objectives, improving processes, tooling, and automation for greater efficiency.
- Enhance SOC tool utilisation, including workflow optimisation.
- Identify and implement automation, AI-driven enhancements, and playbook developments.
- Support CSIRT activities during major incidents, ensuring coordinated and effective response.
- Monitor MSSP performance, ensuring alert triage and investigations meet quality and timeliness standards.
- Over 2 years’ experience working in an internal SOC or 3 years at an MSSP in a senior role.
- Deep knowledge of cybersecurity frameworks: MITRE ATT&CK, Cyber Kill Chain, Incident Response Lifecycle, Pyramid of Pain.
- Expertise in threat hunting and advanced investigative analysis.
- Deep understanding of attacker tactics, techniques, and procedures (TTPs) and threat actor behaviours.
- Proficiency in SIEM/XDR platforms and tuning detection logic, use cases, and alert optimisation.
- Advanced querying and scripting skills (e.g., KQL, SPL) for data analysis and threat detection.
- Ability to recommend tooling enhancements and process improvements to strengthen SOC capability.
- Practical knowledge of networks, operating systems, and scripting for investigative purposes.
- Experience in leading technical initiatives and driving service maturity improvements.
- Demonstrated ability to coach and develop team members, fostering technical excellence.
- GIAC certifications
- Other relevant certifications such as CISSP or CISM will be considered.
- A relevant degree, with professional experience.
- In case you don’t hold these certifications/qualifications, proven experience and formal training in SOC operations, incident response, and threat analysis are essential.
Tesco Technology was established in Prague to support Tesco’s retail business in Central Europe and across the Tesco Group. What began as a regional center over 25 years ago has evolved into a modern, forward-thinking team, driving innovation and digital transformation throughout the region.
With operations in the UK, Ireland, India, Hungary, Poland, and the Czech Republic, we’re committed to delivering great value to our customers every day.
Let’s {code} the future together at {Tesco Technology}!
Locations
- Czechia
Salary
Estimated Salary Rangemedium confidence
40,000 - 70,000 EUR / yearly
Source: ai estimated
* This is an estimated range based on market data and may vary based on experience and qualifications.
Skills Required
- Deep knowledge of cybersecurity frameworks: MITRE ATT&CK, Cyber Kill Chain, Incident Response Lifecycleintermediate
- Advanced technical expertise in SOC operationsintermediate
- Proactive threat huntingintermediate
- Tool optimisation and automationintermediate
- AI integrationintermediate
- Coaching and mentoring analystsintermediate
- Monitoring MSSP performanceintermediate
Required Qualifications
- Over 2 years’ experience working in an internal SOC or 3 years at an MSSP in a senior role (experience)
Responsibilities
- Deliver high-quality investigative analysis
- Act as escalation point and technical authority for complex investigations
- Lead proactive threat-hunting initiatives
- Role-model analytical excellence
- Coach and mentor analysts
- Drive SOC maturity objectives
- Enhance SOC tool utilisation
- Identify and implement automation and AI enhancements
- Support CSIRT activities during major incidents
- Monitor MSSP performance
Tags & Categories
Answer 10 quick questions to check your fit for SECURITY ANALYST III - SOC @ Tesco.
10 Questions
~2 Minutes
Instant Score