SOC Shift Lead
The information below covers the role requirements, expected candidate experience, and accompanying qualifications.
Location:Hemel Hempstead (On-site, Shift-Based)
Security Clearance Level:Must beeligible for DV Clearance. Due to the highly secure nature of this work all applicants will be required to gain UK Security Clearance to the highest level. You must be a British National who has been resident in the UK for at least the last 10 years and you cannot have been outside the UK for more than 28 days on any one occasion within the last 5 years.
Benefits:25 days annual leave (option to purchase additional days), health cash plan, life assurance, pension scheme, and a generous flexible benefits fund
Key Requirements
We are seeking ahighly capable SOC Shift Leadto support critical infrastructure within the Aerospace, Defence and Security sector. You will lead from the front—mentoring analysts, managing incident triage, and driving operational improvements in a mission-critical environment. You will lead a team of 4.
This is ashift-based position, following a rotation of2 days (6am–6pm), 2 nights (6pm–6am), 4 days off.
Essential Skills and Experience:
- Proven experience in aSecurity Operations Centre (SOC)environment
- SOC Level 2
- Previouspeople management or line managementexperience
- Strong familiarity withSIEM platformsincludingMicrosoft SentinelandSplunk
- Knowledge and use of theMitre Att&ck Frameworkfor detection and threat analysis
- In-depth understanding of:
- Client-server applicationsandmulti-tier web environments
- Relational databases,firewalls,VPNs,enterprise AntiVirus solutions
- Networking principles(e.g. TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP)
Desirable (Nice-to-Have):
- Experience instatic malware analysisandreverse engineering
- ActiveDV Clearance
- Scripting or programming withPython,Perl,Bash,PowerShell, orC++
- Recognised certifications such asCREST Practitioner Intrusion AnalystorBlue Team Level 1
- Familiarity with additional SIEM technologies, especiallyQRadar
Role & Responsibilities
As aSOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges.
Your responsibilities will include:
- Monitoring, triaging, and investigatingalerts acrosshost and network security systems
- Performingdeep analysis of traffic, logs, and system eventsto identify threats and vulnerabilities
- Providingline managementto SOC Analysts—developing capability and supporting career progression
- Enhancing team knowledge acrossSOC tooling,detection methodologies, andthreat triage
- Analysing and optimisingdetection rules and use cases based onMitre Att&ck
- Maintaining detailed and up-to-dateincident documentation, findings, and mitigation strategies
- Acting as arepresentative of the SOCin key meetings and internal stakeholder engagements
- Working shifts from theon-site SOC in Hemel Hempstead
About the Organisation
Our client delivers cutting-edge digital solutions to clients in Central Government, operating in privileged environments where digital trust and national safety are paramount.
We believe in a culture ofcollaboration, professional development, and knowledge-sharing, where employees feelvalued and supported. Our work contributes meaningfully to theUK’s most complex safety- and security-critical environments, and we are proud to maintain consistently high levels ofcustomer satisfactionacross our engagements.