SOC Shift Lead at Sopra Steria

Dacorum, England, United Kingdom -

Full Time

Start Date

Immediate

Expiry Date

13 Jun, 26

Salary

75000.0

Posted On

15 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Operations Centre, Incident Response, Threat Detection, Team Leadership, Mentoring, Incident Escalation, Log Analysis, Alert Triage, Network Security, Host Security, Detection Rules, Incident Documentation, SIEM Platforms, Microsoft Sentinel, Splunk, MITRE ATT&CK

Industry

IT Services and IT Consulting

Description

Sopra Steria’s SOC is currently seeking SOC Shift Leads to join our Managed Security Service Provider team. This is a great opportunity to take on increased responsibility in a complex, fast-paced environment, leading, mentoring, and developing a team of SOC Analysts. As we expand our Cyber Security Operations capability, we’re looking for a Lead SOC Analyst to help protect multiple critical client environments. The role offers real variety and continued hands-on involvement, combining leadership with incident response, threat detection, and operational delivery. We will also consider experienced SOC professionals who are ready to step into a leadership position while remaining technically engaged. You will lead a team of analysts within a 24/7 SOC, acting as the primary escalation point for complex incidents, supporting operational delivery, and helping to mature our detection and response capabilities across multiple clients. This role is site-based in Hemel Hempstead and follows a shift pattern of two day shifts (6am–6pm), two night shifts (6pm–6am), followed by four days off. What you'll be doing: Lead and mentor a team of SOC Analysts, providing technical guidance and operational oversight during shifts. Act as the primary escalation point for high-severity security incidents. Monitor, triage, and investigate host- and network-based security alerts across critical client infrastructure. Conduct in-depth analysis of logs, alerts, and network traffic to identify malicious activity. Contribute to the development and improvement of detection rules and use cases aligned to the MITRE ATT&CK framework. Support continuous improvement of SOC processes, tooling, and incident response playbooks. Maintain clear and accurate incident documentation, including reports and post-incident reviews. Represent the SOC in operational meetings with internal teams, partners, and stakeholders. What you will bring: Proven experience working in a Security Operations Centre (SOC) environment. Experience handling and escalating security incidents across enterprise environments. Strong understanding of network and host-based attack techniques. Hands-on experience with SIEM platforms, ideally Microsoft Sentinel or Splunk. Experience leading or mentoring analysts in an operational security environment. It would be great if you had: Experience improving detection content or threat-informed defense use cases. Familiarity with the MITRE ATT&CK framework. Scripting or automation experience (e.g. Python, PowerShell, Bash). Exposure to malware analysis or reverse engineering (not required for day-to-day work). Relevant certifications such as CREST Practitioner Intrusion Analyst, Blue Team Level 1, or similar. If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply, we’d love to hear from you! Employment Type: Permanent Location: Hemel Hempstead Security Clearance Level: Eligible for DV (Developed Vetting) Internal Recruiter: Lee Salary: Up to £75k + on call allowance Benefits: 25 days annual leave with the choice to buy additional holiday days, health cash plan, life assurance, and pension Loved reading about this job and want to know more about us? Sopra Steria’s Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client’s goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK’s most complex safety- and security-critical markets.

Responsibilities

The Shift Lead will lead and mentor a team of SOC Analysts, providing technical guidance and acting as the primary escalation point for high-severity security incidents across critical client infrastructure. Responsibilities also include monitoring, investigating alerts, contributing to detection rule improvements, and supporting the continuous maturation of SOC processes and playbooks.