Security Operations Centre Shift Lead in Hemel Hempstead

Location: Hemel Hempstead (On-site, Shift-Based)

Salary: Highly competitive with excellent benefit package

Security Clearance Level: Must be eligible for DV Clearance. Due to the highly secure nature of this work all applicants will be required to gain UK Security Clearance to the highest level. You must be a British National who has been resident in the UK for at least the last 10 years and you cannot have been outside the UK for more than 28 days on any one occasion within the last 5 years.

Benefits: 25 days annual leave (option to purchase additional days), health cash plan, life assurance, pension scheme, and a generous flexible benefits fund.

Key Requirements

We are seeking a highly capable Security Operations Centre Shift Lead to support critical infrastructure within the Aerospace, Defence and Security sector. You will lead from the front mentoring analysts, managing incident triage, and driving operational improvements in a mission-critical environment. This is a shift-based position, following a rotation of 2 days (6am-6pm), 2 nights (6pm-6am), 4 days off.

Essential Skills and Experience:

• Proven experience in a Security Operations Centre (SOC) environment
• Previous people management or line management experience
• Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk
• Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis
• In-depth understanding of:

• Client-server applications and multi-tier web environments
• Relational databases, firewalls, VPNs, enterprise AntiVirus solutions
• Networking principles (e.g. TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP)

Desirable (Nice-to-Have):

• Experience in static malware analysis and reverse engineering
• Active DV Clearance
• Scripting or programming with Python, Perl, Bash, PowerShell, or C++
• Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1
• Familiarity with additional SIEM technologies, especially QRadar

Role & Responsibilities

As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include:

• Monitoring, triaging, and investigating alerts across host and network security systems
• Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities
• Providing line management to SOC Analysts developing capability and supporting career progression
• Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage
• Analysing and optimising detection rules and use cases based on Mitre Att&ck
• Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies
• Acting as a representative of the SOC in key meetings and internal stakeholder engagements
• Working shifts from the on-site Security Operations Centre in Hemel Hempstead

About the Organisation

Our client delivers cutting-edge digital solutions to clients in Central Government, operating in privileged environments where digital trust and national safety are paramount. We believe in a culture of collaboration, professional development, and knowledge-sharing, where employees feel valued and supported. Our work contributes meaningfully to the UK's most complex safety- and security-critical environments, and we are proud to maintain consistently high levels of customer satisfaction across our engagements.