SOC Shift Lead - Defence & Security Sector

SOC Shift Lead - Leading Technology Consultancy (Defence & Security Sector)

Location: Hemel Hempstead (On-site, Shift-Based)
Security Clearance: Must be eligible for or hold current DV (Developed Vetting) Clearance

Are you an experienced SOC professional ready to lead from the front in a high-impact environment?

We are recruiting on behalf of a prestigious technology consultancy renowned for delivering critical solutions within the complex Aerospace, Defence, and Security sectors. Their dedicated Cyber team tackles compelling challenges, protecting vital national infrastructure and working with cutting-edge technologies.

Due to significant growth and their position as leaders in the field, they are seeking a dedicated SOC Shift Lead to join their expanding team based in Hemel Hempstead.

This is a unique opportunity to guide a team of talented SOC Analysts, gain exposure across multiple key clients, and contribute your skills and ideas to a diverse and highly skilled security function.

What You'll Be Doing:

• Lead, mentor, and manage a shift team of SOC Analysts, fostering their development and careers.
• Oversee the Real Time monitoring, triage, and in-depth investigation of security incidents impacting critical client infrastructure.
• Conduct detailed analysis of network traffic, logs (host, network, application), and system events to identify and respond to sophisticated threats.
• Continuously enhance the team's knowledge of SOC tools (especially Sentinel & Splunk), operational procedures, and TTPs (Tactics, Techniques, and Procedures).
• Develop, refine, and implement detection rules and use cases, aligning with frameworks like Mitre ATT&CK for a threat-informed defence posture.
• Ensure meticulous maintenance of security incident documentation, including reports, findings, and mitigation recommendations.
• Represent the SOC function effectively in meetings with partners and stakeholders.
• Work a rotating shift pattern from the secure Hemel Hempstead office (details below).

What You'll Bring:

• Demonstrable experience operating within a Security Operations Centre (SOC).
• Proven people management or team leadership skills, with a passion for developing technical teams.
• Hands-on experience using SIEM technologies, particularly Microsoft Sentinel and Splunk.
• Strong working knowledge of the Mitre ATT&CK Framework and its practical application.
• Solid understanding of core IT and security concepts: Client Server architecture, web applications, databases, Firewalls, VPNs, endpoint security (AV), etc.
• Good grasp of networking fundamentals: TCP/IP, WAN/LAN, common protocols (SMTP, HTTP, FTP, etc.).

It Would Be Great If You Also Had:

• Experience with static malware analysis or reverse engineering techniques.
• Proficiency in Scripting languages (eg, Python, PowerShell, Bash).
• Relevant industry certifications (eg, Crest Practitioner Intrusion Analyst, Blue Team Level 1, GCIH, GCIA).
• Experience with additional SIEM tools, such as QRadar.

Key Details:

• Employment Type: Permanent
• Location: Hemel Hempstead (Fully site-based)
• Work Pattern: Rotating Shift: 2x Days (06:00-18:00), 2x Nights (18:00-06:00), 4x Days Off.
• Security Clearance: This is paramount. You must be eligible to undergo and obtain UK DV (Developed Vetting) clearance, or already hold current DV clearance. Please confirm your eligibility status when applying.

Why This Opportunity?

• Impactful Work: Contribute directly to projects of national significance within a privileged and unique environment.
• Leading Edge: Gain exposure to the latest cyber security technologies and methodologies.
• Career Growth: Join a company committed to professional development, offering dedicated time, coaching, and mentoring.
• Supportive Culture: Become part of a valued team known for collaboration, knowledge sharing, and high levels of client satisfaction.
• Excellent Benefits: Receive a competitive salary plus 25 days annual leave (with option to buy more), health cash plan, life assurance, pension, and a generous flexible benefits fund.

Interested?

Even if you don't tick every single box but believe you have the core skills and leadership potential for this role, we strongly encourage you to apply! Our client values diverse experience and a passion for cyber defence.