At a Glance
- Tasks: Lead a team of analysts to enhance cyber security for public sector organisations.
- Company: Join Made Tech, a leader in improving digital services for the UK public sector.
- Benefits: Enjoy 30 days holiday, flexible working hours, and remote work options.
- Other info: Engage with cross-government security communities and contribute to shared practice resources.
- Why this job: Make a real impact in cyber security while mentoring the next generation of analysts.
- Qualifications: Experience in SOC environments and strong knowledge of UK government security standards required.
The predicted salary is between 60000 - 75000 £ per year.
hackajob is collaborating with Made Tech to connect them with exceptional professionals for this role. Made Tech helps UK public sector organisations build and run better digital services. Our Cyber practice sits at the heart of that mission — working alongside government departments, agencies, and critical national infrastructure owners to improve how they detect, respond to, and learn from cyber threats.
As a Lead Security Analyst, you'll be the most senior analyst on your engagement, setting the technical direction for the SOC and owning the quality of what the team produces — from detection engineering to threat-hunting to incident response. This means pairing on complex investigations, setting tradecraft standards, and making sure the team's detection content is version-controlled, peer-reviewed, and continuously improved — not left to age in a SIEM. You'll also be the trusted technical interface for client security stakeholders, translating what the SOC is seeing into the language that informs decisions.
You'll align your work to NCSC guidance, the Cyber Assessment Framework, and OFFICIAL handling requirements — not because compliance is the goal, but because those frameworks reflect the real risk environment your clients operate in. You'll engage with cross-government security communities, feed detection content and runbooks back into the Cyber practice, and help grow a bench of analysts who can operate at the same standard.
Own the threat-landscape narrative for your engagement — turn intelligence from NCSC advisories, sector feeds, and threat actor reporting into hunt themes, coverage gap analysis, and detection priorities that the SOC and client stakeholders can act on. Run the intelligence cycle as a managed discipline — maintain a collection plan, produce timely and rigorous intelligence products, and build feedback loops that keep the cycle honest and improving.
Establish and lead security incident response practice — build playbooks, define the severity model, run exercises, and lead the team's response to significant incidents; Be the trusted technical interface for client security stakeholders — communicate what the SOC is detecting, investigating, and covering without losing fidelity; surface risks early and honestly, and align the team's priorities to the client's risk picture.
Grow the analysts around you — pair on detection authorship and incident response as a default, set pairing as the team norm, and actively build the capability of L1 and L2 analysts through structured mentoring and coaching so knowledge isn't concentrated in one person. Contribute to the Cyber practice beyond your engagement — feed detection content, runbooks, and lessons learned back into shared practice resources; and engage with public-sector security communities including NCSC CISP and relevant ISACs.
Requirements:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- CompTIA Advanced Security Practitioner (CASP+)
- Experience leading detection engineering in a SOC or similar environment — including writing and tuning detections in KQL, SPL, EQL, or Sigma, and managing coverage against MITRE ATT&CK
- Experience designing or improving a log and telemetry pipeline, including application-level telemetry from cloud-hosted services (AWS is a strong preference at this grade), with an understanding of how to design monitoring for failure modes and degraded states
- Evidence of running the intelligence cycle as a managed discipline — collection planning, production, and feedback — rather than consuming finished intelligence
- Working knowledge of UK government security standards and frameworks, including NCSC CAF Objective C, GovAssure, and OFFICIAL handling requirements
- Evidence of growing the technical capability of less experienced analysts through pairing, structured mentoring, or coaching, including setting clear goals and tracking progress over time
- Evidence of contributing reusable assets — detection playbooks, runbooks, templates, or accelerators — back into a practice or community, rather than leaving knowledge within a single team
We've recently introduced a flexible benefit platform which includes a Smart Tech scheme, Cycle to work scheme, and an individual benefits allowance which you can invest in a Health care cash plan or Pension plan.
30 days Holiday - we offer 30 days of paid annual leave
Flexible Working Hours - we are flexible with what hours you work
Flexible Parental Leave - we offer flexible parental leave options
Remote Working - we offer part time remote working for all our staff - we offer paid counselling as well as financial and legal advice
SC Eligibility: An increasing number of our customers are specifying a minimum of SC (security check) clearance in order to work on their projects. Eligibility for SC requires 5 years' UK residency and 5 years' employment history (or back to full-time education).
When you apply, we’ll put you in touch with a member of our talent team who can help with any needs or adjustments we may need to make to help with your application.
StudySmarter Expert Advice🤫
We think this is how you could land Day Shift Team Lead (Security Analyst) in Bristol
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Made Tech, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Made Tech
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Made Tech. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Day Shift Team Lead (Security Analyst) in Bristol
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Made Tech insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Made Tech that you’re committed to staying ahead in the game.
How to prepare for a job interview at Made Tech
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Made Tech to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Made Tech.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.