Are you an experienced SOC Analyst looking to step into a leadership role? This position offers increased responsibility within an MSSP environment, with the opportunity to lead, mentor, and develop a team of SOC Analysts. We are expanding our Cyber Security Operations team and are seeking a Lead SOC Analyst to play a key role in protecting multiple critical client environments. This role is ideal for an experienced SOC professional looking to step into leadership while remaining hands-on with incident response and detection activities. You will lead a team of analysts within a 24/7 SOC, acting as the primary escalation point for complex incidents, supporting operational delivery, and helping to mature our detection and response capabilities across multiple clients. This role is based on site Hemel Hempstead and is shift work. 2 x days at 6am to 6PM, 2 Nights at 6PM to 6am, 4 days off. What you'll be doing: Lead and mentor a team of SOC Analysts, providing technical guidance and operational oversight during shifts. Act as the primary escalation point for high-severity security incidents. Monitor, triage, and investigate host- and network-based security alerts across critical client infrastructure. Conduct in-depth analysis of logs, alerts, and network traffic to identify malicious activity. Contribute to the development and improvement of detection rules and use cases aligned to the MITRE ATT&CK framework. Support continuous improvement of SOC processes, tooling, and incident response playbooks. Maintain clear and accurate incident documentation, including reports and post-incident reviews. Represent the SOC in operational meetings with internal teams, partners, and stakeholders. What you will bring: Proven experience working in a Security Operations Centre (SOC) environment. Experience handling and escalating security incidents across enterprise environments. Strong understanding of network and host-based attack techniques. Hands-on experience with SIEM platforms, ideally Microsoft Sentinel or Splunk. Experience leading or mentoring analysts in an operational security environment. It would be great if you had: Experience improving detection content or threat-informed defense use cases. Familiarity with the MITRE ATT&CK framework. Scripting or automation experience (e.g. Python, PowerShell, Bash). Exposure to malware analysis or reverse engineering (not required for day-to-day work). Relevant certifications such as CREST Practitioner Intrusion Analyst, Blue Team Level 1, or similar. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Permanent Location: Hemel Hempstead Security Clearance Level: Eligible for DV (Developed Vetting) Internal Recruiter: Lee Salary: Competitive salary, aligned with market rates Benefits: 25 days annual leave with the choice to buy additional holiday days, health cash plan, life assurance, pension, and generous flexible benefits fund Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets. We embrace difference as a source of creativity, innovation and competitive advantage and are striving to become a more diverse organisation. We welcome applications from people with a diverse variety of backgrounds and identities. We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status. We have partnered with Vercida, the UK's largest diversity and inclusion focused careers site, where all our vacancies are available in an accessible format. If you require any adjustments to the recruitment process, to enable you to perform to the best of your ability, please let us know when completing your application. We participate in the Disability Confident scheme and are committed to offering an interview to any candidate with a disability, who meets the minimum criteria for the role. If you believe this could apply to you, please let us know when completing your application.