Job Description
Serves as the SOC’s technical lead, responsible for architecting, building, and evolving the monitoring capability. Provides senior technical oversight, leads the response to complex incidents, and mentors analysts to strengthen team capability. Functions at a SOC Lead level from the outset, with a clear pathway to formal promotion to Manager upon meeting the firm’s established progression criteria.
Key responsibilities:
- Design and build the SOC's operating model, detection strategy, and runbooks from the ground up
- Own the monitoring roadmap and contribute to security strategy for the client engagement
- Lead complex investigations and act as senior technical authority during incidents
- Coordinate containment, eradication, and recovery activities across infrastructure and application teams
- Recommend and implement SIEM, detection engineering, and automation tooling
- Lead the design and enablement of automated monitoring processes
- Mentor and develop the SOC Analyst
- Represent the SOC function to client/senior stakeholders
- Contribute to detection engineering, threat modelling, and continuous improvement
- Support hiring as the team expands
Qualifications
- Substantial SOC experience at T3 / senior analyst level or above
- Demonstrable experience building or significantly maturing a SOC capability
- Deep SIEM and detection engineering experience
- Hands‑on AWS security experience
- Experience leading incident response in a regulated or secure environment
- Strong stakeholder management with senior technical and business audiences
- Experience working with Infrastructure as Code (IaC) tools and approaches
- Degree in a relevant technical field or substantial equivalent professional experience
- At least one senior certification (CISSP, CISM, GCIA, GCIH, or AWS Certified Security Specialty)
- SC‑cleared or genuinely cleared‑eligible
Nice‑to‑haves:
- Already SC‑cleared
- Prior government, defence, or regulated‑sector consultancy experience
- People management or formal mentoring experience
- IaC and automation experience (Terraform, Python)
- Forensic data collection and evidence handling
- Master's degree in cyber security or related field
- NCSC Certified Cyber Professional (CCP) credentials at Senior Practitioner or Lead Practitioner level
- Multiple senior certifications across detection, IR, and cloud
- Senior certifications (GCFA, GCFR, GREM, GCTI)
Benefits include:
- Private Medical Health care via Vitality
- Pension contribution, Life Assurance
- Professional certifications supported as part of learning and development
- A range of retail discounts to enhance your lifestyle, encompassing restaurants, supermarkets, travel, leisure activities and health and well‑being services
- Access to our Employee Resource Groups, our groups represent diverse backgrounds and provide a platform for colleagues to connect, learn, and support one another
Netcompany Academy:
Through our Netcompany Academy, we offer a diverse range of courses, seminars and certifications carefully curated to support your development. As you advance in your career, the Academy tailors its offerings to enhance your managerial skills, deepen your understanding of methodologies, hone your leadership abilities, and fine‑tune your strategic acumen.
As you progress through the content, you’ll naturally take on more responsibility and network with your peers.
