Mid-Senior SOC Operations Analyst (Contract)

We’re partnering with a leading organisation to find an experienced SOC Operations Analyst to support and enhance day-to-day security operations within a mature, data-driven environment.

€575 per day

English Speaking

EU Citizens Only

On-site - The Hague

6 month contract

What We’re Looking For

• 5+ years’ experience in SOC operations within a production environment
• Proven experience onboarding services/log sources into SOC operations
• Strong hands-on experience with Splunk Enterprise Security
• Experience working with AWS and Azure security logs
• Solid understanding of detection logic and SOC workflows

What You’ll Be Doing

Operational Readiness & Onboarding

• Own end-to-end onboarding of new detections and security capabilities into SOC operations
• Validate log ingestion, parsing, field mapping, dashboards, and alert routing
• Define and enforce operational acceptance criteria before 24/7 handover

Security Monitoring & Incident Response

• Perform triage, investigation, and escalation across SIEM and cloud platforms
• Maintain high-quality case documentation and investigation notes
• Identify monitoring gaps and telemetry blind spots

Collaboration with Detection Teams

• Act as the bridge between SOC and Detection Engineering
• Ensure detections are practical, actionable, and aligned with SOC processes
• Contribute to tuning thresholds and enrichment strategies

Documentation & Knowledge Sharing

• Create and maintain SOPs, playbooks, onboarding guides, and investigation procedures
• Ensure documentation is audit-ready and accessible to L1/L2 analysts

Cloud Security Operations

• Investigate alerts and validate logging coverage across AWS and Azure environments
• Recommend improvements to visibility and operational workflows