Night Shift Team Lead (Security Analyst) in Bristol

Night Shift Team Lead (Security Analyst) in Bristol

Bristol Full-Time 60000 - 75000 Β£ / year (est.) No working from home possible
Made Tech

At a Glance

  • Tasks: Lead a team of analysts in tackling cyber threats and improving security practices.
  • Company: Join Made Tech, a leader in enhancing digital services for the UK public sector.
  • Benefits: Enjoy 30 days holiday, flexible working hours, and remote work options.
  • Other info: Engage with cross-government security communities and contribute to a collaborative cyber practice.
  • Why this job: Make a real impact on national security while developing your skills in a supportive environment.
  • Qualifications: Experience in security analysis and leading teams, with relevant certifications preferred.

The predicted salary is between 60000 - 75000 Β£ per year.

hackajob is collaborating with Made Tech to connect them with exceptional professionals for this role. Made Tech helps UK public sector organisations build and run better digital services. Our Cyber practice sits at the heart of that mission β€” working alongside government departments, agencies, and critical national infrastructure owners to improve how they detect, respond to, and learn from cyber threats.

As a Lead Security Analyst, you'll be the most senior analyst on your engagement, setting the technical direction for the SOC and owning the quality of what the team produces β€” from detection engineering to threat-hunting to incident response. This means pairing on complex investigations, setting tradecraft standards, and making sure the team's detection content is version-controlled, peer-reviewed, and continuously improved β€” not left to age in a SIEM.

You'll also be the trusted technical interface for client security stakeholders, translating what the SOC is seeing into the language that informs decisions. You'll align your work to NCSC guidance, the Cyber Assessment Framework, and OFFICIAL handling requirements β€” not because compliance is the goal, but because those frameworks reflect the real risk environment your clients operate in.

You'll engage with cross-government security communities, feed detection content and runbooks back into the Cyber practice, and help grow a bench of analysts who can operate at the same standard. Own the threat-landscape narrative for your engagement β€” turn intelligence from NCSC advisories, sector feeds, and threat actor reporting into hunt themes, coverage gap analysis, and detection priorities that the SOC and client stakeholders can act on.

Run the intelligence cycle as a managed discipline β€” maintain a collection plan, produce timely and rigorous intelligence products, and build feedback loops that keep the cycle honest and improving. Establish and lead security incident response practice β€” build playbooks, define the severity model, run exercises, and lead the team's response to significant incidents.

Be the trusted technical interface for client security stakeholders β€” communicate what the SOC is detecting, investigating, and covering without losing fidelity; surface risks early and honestly, and align the team's priorities to the client's risk picture. Grow the analysts around you β€” pair on detection authorship and incident response as a default, set pairing as the team norm, and actively build the capability of L1 and L2 analysts through structured mentoring and coaching so knowledge isn't concentrated in one person.

Contribute to the Cyber practice beyond your engagement β€” feed detection content, runbooks, and lessons learned back into shared practice resources; and engage with public-sector security communities including NCSC CISP and relevant ISACs.

Requirements:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • CompTIA Advanced Security Practitioner (CASP+)
  • Experience leading detection engineering in a SOC or similar environment β€” including writing and tuning detections in KQL, SPL, EQL, or Sigma, and managing coverage against MITRE ATT&CK
  • Experience designing or improving a log and telemetry pipeline, including application-level telemetry from cloud-hosted services (AWS is a strong preference at this grade), with an understanding of how to design monitoring for failure modes and degraded states
  • Evidence of running the intelligence cycle as a managed discipline β€” collection planning, production, and feedback β€” rather than consuming finished intelligence
  • Working knowledge of UK government security standards and frameworks, including NCSC CAF Objective C, GovAssure, and OFFICIAL handling requirements
  • Evidence of growing the technical capability of less experienced analysts through pairing, structured mentoring, or coaching, including setting clear goals and tracking progress over time
  • Evidence of contributing reusable assets β€” detection playbooks, runbooks, templates, or accelerators β€” back into a practice or community, rather than leaving knowledge within a single team

We've recently introduced a flexible benefit platform which includes a Smart Tech scheme, Cycle to work scheme, and an individual benefits allowance which you can invest in a Health care cash plan or Pension plan.

Benefits:

  • 30 days Holiday - we offer 30 days of paid annual leave
  • Flexible Working Hours - we are flexible with what hours you work
  • Flexible Parental Leave - we offer flexible parental leave options
  • Remote Working - we offer part time remote working for all our staff
  • Paid counselling as well as financial and legal advice

SC Eligibility: An increasing number of our customers are specifying a minimum of SC (security check) clearance in order to work on their projects. Eligibility for SC requires 5 years' UK residency and 5 years' employment history (or back to full-time education).

When you apply, we’ll put you in touch with a member of our talent team who can help with any needs or adjustments we may need to make to help with your application.

Made Tech

Contact Details:

Made Tech Recruitment Team

We think you need these skills to ace Night Shift Team Lead (Security Analyst) in Bristol

Detection Engineering
Threat Hunting
Incident Response
Technical Leadership
KQL
SPL
EQL