Senior SOC Analyst – Shift Lead
Hybrid – 1 day in the office every 4 – 6 weeks (only on the rotating early shift and if it is a Wednesday, and ONLY on a Wednesday, otherwise just fully remote)
5% shift allowance (shift allowance paid monthly)
Work 4 days and then enjoy 4 days completely off, giving you more time for family, travel, or rest. In a critical cybersecurity role, you’ll gain round-the-clock operational experience that accelerates your career. Plus, you’ll avoid the typical Monday-Friday grind and long commute times, all whilst having a generous shift allowance of 17.Our client is a dedicated, pure-play cybersecurity consulting firm. As part of their growth plans, they are seeking a Senior SOC Analyst, Shift Lead who combines technical expertise with a desire to lead junior analysts to join their dynamic, fast-paced team.
This is a hands-on shift leadership role operating on a 4-on, 4-off shift pattern, ensuring sustained SOC coverage across critical hours. You’ll manage, mentor, and train two junior SOC analysts working on your shift, while also delivering advanced security operations services to clients across a range of industries.
As a Senior SOC Analyst, you will be central to incident response, threat hunting, and real-time defence management, guiding and mentoring two junior SOC analysts.
The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including SOAR platforms, to deliver smarter, faster, and more effective security outcomes. This role provides a unique opportunity to help shape the future of a next-gen SOC environment.
This role combines hands-on technical expertise with management responsibility, offering a unique blend and the chance to contribute meaningfully to both team development and cutting-edge security operations.
The shift pattern is four days on, four days off, with rotating early (6 am-3 pm), late (2 pm-11 pm), and night (10 pm-7 am) shifts.
Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met
Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks).
Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences.
Incident Management: Lead security incident investigations and responses, offering strategic input to clients and internal teams.
Continuous Development: Stay current on cybersecurity trends and research emerging threats, tools, and methodologies.
Commercial experience with Microsoft Sentinel is a MUST, including investigations, rule tuning, workbook development, and automation playbook design.
Microsoft SC-200 certification is a mandatory requirement.
Proficiency with EPP tools such as Microsoft Defender for Endpoint and SentinelOne.