Key Responsibilities
- Work with cyber security stakeholders to define and document business, functional, and technical requirements for SOC initiatives.
- Facilitate workshops with SOC Analysts, Engineers, Incident Response teams, Infrastructure, and Risk & Compliance stakeholders.
- Analyse current SOC operating models and identify opportunities for process improvement and automation.
- Produce high-quality documentation including:
  - Business Requirements Documents (BRDs)
  - Functional Specifications
  - User Stories
  - Process Flows
  - Gap Analyses
  - Operating Model Documentation
- Support implementation and optimisation of SIEM platforms such as Splunk Enterprise Security, Microsoft Sentinel, or IBM QRadar.
- Collaborate with SOC teams to improve:
  - Alert triage workflows
  - Incident management processes
  - Threat intelligence integration
  - Detection use cases
  - Playbooks and runbooks
- Assist with the creation of KPIs, reporting dashboards, and SOC performance metrics.
- Work alongside Project Managers and technical delivery teams to ensure requirements are accurately translated into delivery outcomes.
- Support UAT activities and validate solutions against agreed business requirements.
- Ensure compliance with cyber security frameworks and regulatory requirements.
Required Skills & Experience
- Proven experience working as a Business Analyst within cyber security or SOC-focused projects.
- Strong understanding of SOC operations and security monitoring processes.
- Experience working with SIEM technologies such as:
  - Splunk Enterprise Security
  - Microsoft Sentinel
  - IBM QRadar
- Knowledge of cyber security concepts including:
  - Incident Response
  - Threat Detection
  - Vulnerability Management
  - Log Management
  - Threat Intelligence
- Experience gathering and documenting both business and technical requirements.
- Strong stakeholder management and workshop facilitation skills.
- Familiarity with Agile and Waterfall delivery methodologies.
- Excellent communication and documentation skills.