FINTEC recruit is supporting recruitment for a Cyber Security (SOC) Lead. This is a permanent position, based in Hemel Hempstead, working rotation of 2 days on / 2 nights on & then 4 days office, (hours are 6 am. To 6 pm, then 6 pm to 6 am). Salaries discussed on application and negotiable by experience. There is a required to pass UK Security Clearance (DV level). You will be supporting critical infrastructure within aerospace, defence and security sectors. Able to drive operational improvements, working onsite, leading and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring & line management to SOC Analysts Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage Analyse and optimise detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Skills and Experience required for the Cyber Security SOC Lead role: Proven experience in a Security Operations Centre (SOC) environment Qualified at SOC Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable not an essential) SIEM technologies knowledge such as QRadar (desirable not an essential) In-depth understanding of: Client-server applications and multi-tier web environments Relational databases, firewalls, VPNs, enterprise AntiVirus solutions Full details of the Cyber Security SOC lead role is available on application. To apply please submit your current CV or apply via our FINTEC recruit website