Lead Augmented SOC Analyst

at  NCC Group

Lead Augmented SOC Analyst
Manchester
As a Lead Augmented SOC Analyst within the Augmented SOC, you will play a pivotal role in ensuring the 24/7 security of clients environment. Alongside your responsibilities as a senior-level analyst, you will take on line management duties, overseeing and supporting the development of SOC analysts. Reporting directly to the SOC Manager, you will utilise security tools such as SIEM, EDR, email security, and ticketing systems to respond to alerts, manage escalations, and ensure team performance. Your role will also involve mentoring junior analysts and contributing to the overall effectiveness and growth of the SOC team.
What we are looking for in you

Key accountabilities for this role are as follows:

• Act as the senior SOC analyst, leading the response to advanced threats, managing incidents, and conducting complex investigations using security tools like SIEM, EDR, and other relevant technologies.
• Provide line management for analysts, including performance evaluations, mentorship, and development of personal growth plans.
• Serve as the primary escalation point for advanced security incidents, ensuring timely and effective responses to high-priority alerts and incidents.
• Ensure seamless SOC operations, meeting KPIs, SLAs, and fostering effective collaboration with clients on security incidents and ongoing monitoring.
• Oversee 24/7 shift schedules and rotas to ensure continuous coverage, including managing out-of-hours (OOH) support.
• Collaborate with the SOC Manager to align operational processes with strategic objectives, contributing to process improvements and playbook updates.
• Drive continuous improvement of SOC procedures, ensuring the team remains current with the latest security tools and methodologies.
• Conduct regular performance reviews, provide constructive feedback, and develop personal growth plans to support the progression of R2 analysts.
• Participate in regular client engagements, offering technical expertise and insights into threat management and security operations.
• Ensure adherence to internal security protocols and operational processes, supporting compliance efforts when necessary.
• Deliver excellent customer service by responding promptly and professionally to client inquiries and incidents.
• Provide regular updates to the SOC Manager on the SOC’s activities, performance, and any notable incidents.

Minimum Requirements

• Minimum 3 years of experience within any SOC operations role.
• Minimum 1 years of experience within a SOC team lead role. (Flexible based on experience and technical level)
• Strong people management and leadership skills.
• Strong desire to improve and perfect processes, following an overall strategy of excellence.

Desirable Requirements

• CompTIA Certifications (Security+/ Network+/ Linux+)
• Crest, GIAC or CISSP Certification
• Degree in related field.
• Other relevant certifications.

Working Hours: The working hours are 0900-1730hrs Mon-Fri, and you would be expected to be working and contactable throughout those times. There is no scheduled out of hours work but may be required in emergency situations only.
Professionalism: Conduct yourself with professionalism, integrity, and ethical behaviour in all interactions and situations.
Proactive: Demonstrate a proactive approach to process improvement and process creation, ensuring conformity to the standards of the AUG SOC.
Collaboration: Work effectively within a team environment, communicating with colleagues from different departments and clients, and sharing insights to improve overall security posture.
Adaptability: Embrace changes in technology and processes, adapting to new challenges and learning quickly in a dynamic security landscape.
Ways of working
Focusing on Clients and Customers.
Working as One NCC.
Always Learning.
Being Inclusive and Respectful.
Delivering Brilliantly.
Our company
What is it like to work here? What is the team like (eg their expertise, skills, projects)? What is the hiring manager like (a bit about your role and interests at work)?
At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams’ partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.
Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.
Come join us?
What do we offer in return?

We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:

• Flexible working

  Financial & Investment
  Pension
  Life Assurance
  Share Save Scheme
  Maternity & Paternity leave

  Community & Volunteering Programmes

• Green Car Scheme

  Cycle Scheme
  ‍ ‍ Employee Referral Program
  Lifestyle & Wellness
  Learning & Development
  ‍ Diversity & Inclusion
  So, what’s next?
  If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and cover letter and the relevant member of our global talent team will be in touch with you. Alternatively send your details to
  global.ta@nccgroup.com .
  About your application
  We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
  If you do not want us to retain your details, please email
  global.ta@nccgroup.com
  . All personal data is held in accordance with the NCC Group Privacy Policy (
  candidate-privacy-notice-261023.pdf (nccgroupplc.com)
  ). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
  Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.

• Act as the senior SOC analyst, leading the response to advanced threats, managing incidents, and conducting complex investigations using security tools like SIEM, EDR, and other relevant technologies.
• Provide line management for analysts, including performance evaluations, mentorship, and development of personal growth plans.
• Serve as the primary escalation point for advanced security incidents, ensuring timely and effective responses to high-priority alerts and incidents.
• Ensure seamless SOC operations, meeting KPIs, SLAs, and fostering effective collaboration with clients on security incidents and ongoing monitoring.
• Oversee 24/7 shift schedules and rotas to ensure continuous coverage, including managing out-of-hours (OOH) support.
• Collaborate with the SOC Manager to align operational processes with strategic objectives, contributing to process improvements and playbook updates.
• Drive continuous improvement of SOC procedures, ensuring the team remains current with the latest security tools and methodologies.
• Conduct regular performance reviews, provide constructive feedback, and develop personal growth plans to support the progression of R2 analysts.
• Participate in regular client engagements, offering technical expertise and insights into threat management and security operations.
• Ensure adherence to internal security protocols and operational processes, supporting compliance efforts when necessary.
• Deliver excellent customer service by responding promptly and professionally to client inquiries and incidents.
• Provide regular updates to the SOC Manager on the SOC’s activities, performance, and any notable incidents