Security Operations Center Analyst

Job Description

SOC Shift Lead

Location: Hemel Hempstead (On-site)

Shift Hours: 2 days (6am–6pm), 2 nights (6pm–6am), 4 days off

Security Clearance Level: Must be eligible for DV Clearance. Due to the highly secure nature of this work all applicants will be required to gain UK Security Clearance to the highest level. You must be a British who has been in the UK for at least the last 10 years and you cannot have been outside the UK for more than 28 days on any one occasion within the last 5 years. Benefits: 25 days annual leave (option to purchase additional days), health cash plan, life assurance, pension scheme, and a generous flexible benefits fund

Key Requirements: We are seeking a highly capable SOC Shift Lead to support critical infrastructure within the Aerospace, Defence and Security sector. You will lead from the front—mentoring analysts, managing incident triage, and driving operational improvements in a mission-critical environment. This is a shift-based position, following a rotation of 2 days (6am–6pm), 2 nights (6pm–6am), 4 days off.

Essential Skills and Experience:

• Proven experience in a Security Operations Centre (SOC) environment
• Previous people management or line management experience
• Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk
• Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis
• In-depth understanding of:
• Client-server applications and multi-tier web environments
• Relational databases, firewalls, VPNs, enterprise AntiVirus solutions
• Networking principles (e.g. TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP)

Desirable (Nice-to-Have):

• Experience in static malware analysis and reverse engineering
• Active DV Clearance
• Scripting or programming with Python, Perl, Bash, PowerShell, or C++
• Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1
• Familiarity with additional SIEM technologies, especially QRadar

Role & Responsibilities: As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges.

Your responsibilities will include:

• Monitoring, triaging, and investigating alerts across host and network security systems
• Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities
• Providing line management to SOC Analysts—developing capability and supporting career progression
• Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage
• Analysing and optimising detection rules and use cases based on Mitre Att&ck
• Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies
• Acting as a representative of the SOC in key meetings and internal stakeholder engagements
• Working shifts from the on-site SOC in Hemel Hempstead