FINTEC recruit is supporting recruitment for a Cyber Security (SOC) Lead. This is a permanent position, based in Hemel Hempstead, working a rotation of 2 days on / 2 nights on, then 4 days off (shift hours are 6 am to 6 pm, then 6 pm to 6 am). Salary is discussed on application and negotiable by experience. Candidates are required to pass UK Security Clearance (DV level). You will be supporting critical infrastructure within the aerospace, defence and security sectors, driving operational improvements, working onsite, and leading and mentoring a small team.
Responsibilities:
Monitoring, triaging, and investigating alerts across host and network security systems
Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities
Providing mentoring & line management to SOC Analysts
Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage
Analysing and optimising detection rules and use cases based on MITRE ATT&CK
Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies
Acting as a representative of the SOC in key meetings and internal stakeholder engagements
Skills and Experience required for the Cyber Security SOC Lead role:
Proven experience in a Security Operations Centre (SOC) environment
Qualified at SOC Level 2
Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk
Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis
Experience of static malware analysis and reverse engineering (desirable)
Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable, not essential)
Knowledge of other SIEM technologies such as QRadar (desirable, not essential)
In-depth understanding of:
Client-server applications and multi-tier web environments
Relational databases, firewalls, VPNs, enterprise AntiVirus solutions
Full details of the Cyber Security SOC Lead role are available on application. To apply, please submit your current CV or apply via our FINTEC recruit website.