Job description:
Location: Hemel Hempstead (on-site, shift-based)
Salary: £55,000 to £65,000 (depending on experience)
Security Clearance: You'll need to be eligible for DV clearance. That means you must be a British national who's lived in the UK for the past 10 years, and not spent more than 28 days outside the UK at a time in the last 5 years.
Benefits: 25 days' holiday (with the option to buy more), health cash plan, life assurance, pension scheme, and a generous flexible benefits fund.
About the Role
Our client is looking for a confident and experienced SOC Shift Lead to support a key programme in the Aerospace, Defence, and Security sectors.
In this role, you'll lead a team of 4 SOC Analysts in a fast-paced, mission-critical environment, managing incidents, mentoring team members, and driving operational improvements. This is a shift-based role following a 2 days (6am to 6pm), 2 nights (6pm to 6am), 4 days off rotation, giving you a healthy balance of work and downtime.
What You'll Be Doing
* Monitoring and triaging security alerts across systems and networks
* Investigating threats and vulnerabilities using logs, traffic data, and security tools
* Line-managing and mentoring SOC Analysts, supporting their development
* Improving detection rules and playbooks using the MITRE ATT&CK framework
* Keeping clear documentation of incidents, findings, and actions taken
* Representing the SOC in meetings and working with internal stakeholders
What Our Client Is Looking For
* Solid experience working in a SOC environment (SOC Level 2 or above)
* Previous experience leading or managing a team
* Hands-on familiarity with SIEM platforms, especially Microsoft Sentinel and Splunk
* Working knowledge of the MITRE ATT&CK framework for threat detection
* Strong understanding of:
  * Network protocols (TCP/IP, SMTP, HTTP, FTP, etc.)
  * Web and client-server applications
  * Firewalls, VPNs, antivirus tools, and databases
Bonus Skills (Nice to Have)
* Active DV Clearance
* Experience with malware analysis or reverse engineering
* Scripting or coding skills (Python, PowerShell, Bash, etc.)
* Relevant certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1
* Familiarity with other SIEM tools, especially QRadar
About Our Client
Our client delivers innovative digital solutions to the Central Government, working in secure environments where trust and resilience are key. They value collaboration, continuous learning, and professional development, creating an environment where employees feel supported, heard, and empowered. Their work makes a real difference to national security, and they take pride in consistently high levels of customer satisfaction.