Intercity

intercity.technology

1 Job

379 Employees

About the Company

At Intercity, we help you Do More with Technology, Cloud & Security, Communications and Managed IT services. However, tech is so much more than a tool - it’s about making amazing things happen. Tech is ensuring a hospital can access vital patient information or a charity being able to communicate in the remotest parts of the world.

Running a business is hard enough without technology problems. We’ll help your people Do More by expanding your IT capabilities and providing a safe pair of hands, when and wherever you need us.

Whether it’s doing something better, doing something faster, or doing something new, we use tech to deliver benefits to your business by enabling you to Do More.

From our unique ‘Do More’ culture to our outstanding reviews, discover what makes our people different.

Listed Jobs

Company Name
Intercity
Job Title
Security Operations Analyst
Job Description
**Job title** Security Operations Analyst

**Role Summary** Monitor, analyze, and respond to security incidents for SOC customers using Microsoft Azure security solutions (Sentinel, Defender for 365). Collaborate with senior analysts to investigate alerts, determine true positives, contain threats, and enhance SOC services through rule tuning, automation, and vulnerability recommendations.

**Expectations**
- Perform daily monitoring and initial incident response following the organization’s Security Incident Response Framework.
- Investigate alerts from Microsoft Sentinel and Defender for 365, discerning true positives and applying appropriate containment actions.
- Analyze diverse security data sources to detect malicious activity and support customer containment efforts.
- Communicate clearly with customers and third‑party stakeholders regarding identified risks.
- Partner with senior analysts to identify threat patterns and recommend risk‑reduction strategies.
- Contribute to ongoing SOC improvement: tune detection rules, refine automation, improve ticket workflows, and assist customers in strengthening security posture.

**Key Responsibilities**
- Monitor security alerts and logs via Microsoft Sentinel and Defender for 365.
- Conduct root‑cause investigations and determine the severity of incidents.
- Apply containment and follow‑up actions based on internal processes and customer agreements.
- Communicate incident status and recommendations to customers and internal teams.
- Identify trends in threat activity and produce actionable insights.
- Tune and update detection rules, and enhance automation scripts and workflows.
- Assist customers in addressing vulnerabilities and improving overall security controls.
- Maintain accurate incident documentation and post‑incident reports.

**Required Skills**
- Hands‑on experience with Microsoft Azure, Sentinel, and Defender for 365.
- Proven incident investigation and response capabilities.
- Understanding of Microsoft cloud security controls and risk assessment.
- Ability to analyze security data, identify threats, and recommend controls.
- Strong analytical thinking, attention to detail, and methodical approach under pressure.
- Excellent communication and collaboration skills.
- Familiarity with Log Analytics and Log ingestion concepts.
- Knowledge of the MITRE ATT&CK framework (desired).

**Required Education & Certifications**
- Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC‑900).
- Microsoft Certified: Security Operations Analyst (SC‑200).

**Desired Certifications** (not mandatory)
- Microsoft Certified: Identity and Access Administrator Associate (SC‑300).
- Microsoft Certified: Administering Information Security in Microsoft 365 (SC‑401).
- Microsoft Certified: Azure Administrator (AZ‑104).
Meppershall, United Kingdom
On site
03-03-2026