SOC Shift Lead

Responsibilities

• Lead and mentor a team of SOC Analysts, providing technical guidance and operational oversight during shifts.
• Act as the primary escalation point for high-severity security incidents.
• Monitor, triage, and investigate host- and network-based security alerts across critical client infrastructure.
• Conduct in-depth analysis of logs, alerts, and network traffic to identify malicious activity.
• Contribute to the development and improvement of detection rules and use cases aligned to the MITRE ATT&CK framework.
• Support continuous improvement of SOC processes, tooling, and incident response playbooks.
• Maintain clear and accurate incident documentation, including reports and post-incident reviews.
• Represent the SOC in operational meetings with internal teams, partners, and stakeholders.

Requirements

• Proven experience working in a Security Operations Centre (SOC) environment.
• Experience handling and escalating security incidents across enterprise environments.
• Strong understanding of network and host-based attack techniques.
• Hands-on experience with SIEM platforms, ideally Microsoft Sentinel or Splunk.
• Experience leading or mentoring analysts in an operational security environment.
• It would be great if you had:
• Experience improving detection content or threat-informed defense use cases.
• Familiarity with the MITRE ATT&CK framework.
• Scripting or automation experience (e.g. Python, PowerShell, Bash).
• Exposure to malware analysis or reverse engineering (not required for day-to-day work).
• Relevant certifications such as CREST Practitioner Intrusion Analyst, Blue Team Level 1, or similar.
• If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you!
• Employment Type: Permanent
• Location: Hemel Hempstead
• Security Clearance Level: Eligible for DV (Developed Vetting)
• Internal Recruiter: Jane
• Salary: Up to £75k + on call allowance
• Benefits: 25 days annual leave with the choice to buy additional holiday days, health cash plan, life assurance, and pension
• Loved reading about this job and want to know more about us?

Additional Information

Sopra Steria's SOC is currently seeking SOC Shift Leads to join our Managed Security Service Provider team. This is a great opportunity to take on increased responsibility in a complex, fast-paced environment, leading, mentoring, and developing a team of SOC Analysts. As we expand our Cyber Security Operations capability, we're looking for a Lead SOC Analyst to help protect multiple critical client environments. The role offers real variety and continued hands-on involvement, combining leadership with incident response, threat detection, and operational delivery. We will also consider experienced SOC professionals who are ready to step into a leadership position while remaining technically engaged. You will lead a team of analysts within a 24/7 SOC, acting as the primary escalation point for complex incidents, supporting operational delivery, and helping to mature our detection and response capabilities across multiple clients. This role is site-based in Hemel Hempstead and follows a shift pattern of two day shifts (6am-6pm), two night shifts (6pm-6am), followed by four days off. You do need to be eligible for SC and DV Clearance.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Sopra Steria? Share your experience