Lead SOC Analyst

5 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Anson McCade

Lead SOC Analyst

Leeds

Day Shift / On-site

A leading UK-based consultancy specialising in Defence and Security is seeking an experienced Lead SOC Analyst to support the day-to-day operations and continuous improvement of a dedicated SOC for a high-profile Critical National Infrastructure (CNI) organisation. This opportunity involves working at the forefront of cyber defence, helping to secure hundreds of cloud-hosted systems across AWS and Azure environments from persistent and advanced threats.

This strategic SOC is designed to be a benchmark of cyber security excellence, blending in-house and consultancy staff across multiple sites. Core operational duties will be conducted from a secure facility in Leeds, due to essential connectivity with the customer’s network.

The role is shift-based, supporting 24/7 operations as part of a structured four-team rotation. The successful candidate will play a vital role in detecting, analysing, and responding to security threats using industry-leading Security Information and Event Management (SIEM) and orchestration tools. Due to the nature of the project applicants must hold an active SC Clearance and be eligible for enhanced clearance checks

Key Responsibilities:

• Lead operational cyber defence activities across a 24/7 SOC environment.
• Deliver comprehensive shift handover briefings and ensure continuity across teams.
• Monitor and analyse SIEM alerts, logs, and network traffic to identify and respond to security threats.
• Triage and categorise incidents in accordance with established security policies.
• Detect and investigate intrusion attempts and determine their scope and impact.
• Document high-quality security incident reports, supported by threat intelligence and independent research.
• Conduct or support remediation efforts to neutralise threats, restore systems, and prevent recurrence.
• Produce post-incident review reports and provide actionable security improvement recommendations.
• Apply threat intelligence to improve detection capabilities and situational awareness.
• Support national-scale cyber incident response activities in a coaching or mentoring capacity.
• Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes.
• Develop automated response workflows for SOAR platforms targeting common attack vectors.
• Drive continuous improvement by refining detection use cases and enhancing SOC processes.

Technical Skills & Experience:

• Hands-on experience with SIEM tools such as Splunk (Enterprise Security) and Microsoft Sentinel.
• Proficiency in Python and scripting for automation and analysis tasks.
• Strong understanding of security architecture, especially in cloud (AWS/Azure) and network environments.
• Experience with cyber threat intelligence, including threat actor tactics, techniques, and procedures (TTPs).
• Proven track record of investigating complex intrusions, including nation-state or targeted ransomware attacks.
• Solid knowledge of TCP/IP, network traffic analysis, and anomaly detection.
• Familiarity with a broad range of security tools and platforms.
• Experience in developing custom detection content and automation scripts.

Non-Technical:

• Excellent communication and consulting skills, with the ability to brief stakeholders and produce clear reports.
• Proven leadership and coaching mindset to mentor junior analysts.
• Strong stakeholder engagement and client-facing experience.
• Self-motivated with the ability to work independently in high-pressure environments.
• Adaptability to work across diverse teams and organisational cultures.

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Information Technology and Consulting
• Industries
  Defense and Space Manufacturing, IT Services and IT Consulting, and Business Consulting and Services

Referrals increase your chances of interviewing at Anson McCade by 2x

Get notified about new Security Operations Center Analyst jobs in Leeds, England, United Kingdom.

Huddersfield, England, United Kingdom 2 months ago

York, England, United Kingdom 2 weeks ago

Selby, England, United Kingdom 5 months ago

Leeds, England, United Kingdom 3 weeks ago

Leeds, England, United Kingdom 2 weeks ago

Leeds, England, United Kingdom 3 weeks ago

Leeds, England, United Kingdom 2 months ago

Leeds, England, United Kingdom 6 days ago

Leeds, England, United Kingdom 1 week ago

Leeds, England, United Kingdom 2 weeks ago

Leeds, England, United Kingdom 2 weeks ago

Leeds, England, United Kingdom 1 month ago

Leeds, England, United Kingdom 6 days ago

Leeds, England, United Kingdom 1 month ago

Leeds, England, United Kingdom 5 days ago

Leeds, England, United Kingdom 1 month ago

Leeds, England, United Kingdom 2 weeks ago

Leeds, England, United Kingdom 1 week ago

Leeds, England, United Kingdom 1 week ago

Leeds, England, United Kingdom 4 days ago

Leeds, England, United Kingdom 1 week ago

Leeds, England, United Kingdom 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.