Are you an experienced SOC Analyst looking for the next step in your career? If you are seeking a role in Cyber Security with more responsibility, and the opportunity to lead and mentor a team, this could be the perfect fit for you! Our Cyber Security Operations team is growing, and this could be your opportunity to join us as we expand our offerings to both existing and new customers. This role provides the chance to make a real difference in the world of cyber defense. The Lead SOC Analyst will oversee a team of SOC Analysts, conduct monitoring and triage of alerts related to host and network security events for our clients' critical infrastructure, and support the SOC by delivering client work while contributing skills and ideas to this already diverse team. Our Cyber team manages some of the most complex and compelling areas within Aerospace, Defence, and Security. If you want to lead from the front, gain experience working with multiple clients, and have access to the latest technologies, join a team that is on the cusp of continued growth and is recognized as a leader in the field. This role is based on site Hemel Hempstead and is shift work. 2 x days at 6am to 6PM, 2 nights at 6pm to 6am, 4 days off.
Responsibilities
* Monitor, triage, and investigate security incidents across critical client infrastructure.
* Perform in-depth analysis of network traffic, logs, and system events to identify potential threats and vulnerabilities.
* Provide line management and act as the primary point of contact for escalations within the SOC team.
* Maintain, develop, and enhance team knowledge of SOC tools, security operations, and incident triage processes.
* Analyse and improve detection rules and use cases in alignment with MITRE ATT&CK framework and threat‑informed defense strategies.
* Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies.
* Represent the SOC in meetings with partners and stakeholders.
Qualifications
* Experience in static malware analysis and reverse engineering.
* Proficiency in programming and scripting languages such as Python, Perl, Bash, PowerShell, and C++.
* Relevant certifications, e.g., CREST Practitioner Intrusion Analyst, Blue Team Level 1, or other SOC‑focused credentials.
* Hands‑on experience with SIEM technologies, particularly Microsoft Sentinel and Splunk, with familiarity in QRadar being a plus.
Referral Bonus: £1500.00
Clearance required: Eligible for DV Clearance
Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety‑and‑security‑critical markets.
#J-18808-Ljbffr