Job Description
We are recruiting an experienced SOC Team Lead to take ownership of day-to-day Security Operations Centre activities, providing hands-on technical leadership while supporting the development and performance of a growing SOC function.
This role sits at the intersection of technical expertise, people leadership, and client engagement. You will act as the senior point of escalation for complex security incidents, guide analysts through investigations, and work closely with clients to ensure robust and effective cyber security outcomes.
Key Responsibilities
SOC Leadership & Technical Oversight
* Lead and support a team of SOC analysts, ensuring high standards of performance and collaboration
* Provide mentoring, coaching, and technical guidance across incident response and investigation activities
* Act as the senior escalation point for complex or high-impact security incidents
* Support advanced threat hunting, forensic investigation, and security analysis
* Contribute to hiring, onboarding, and capability development within the SOC
Client Engagement & Security Advisory
* Act as a senior technical contact for key SOC clients
* Oversee client onboarding and integration of security tools into SOC services
* Deliver service reviews, technical briefings, and security posture assessments
* Advise clients on security improvements, best practice, and threat mitigation strategies
* Work closely with internal teams to enhance automation and SOAR workflows
Operational Improvement
* Develop and refine SOC processes, procedures, and response playbooks
* Track SOC performance metrics and identify opportunities for efficiency and quality improvement
* Ensure services align with recognised security frameworks and regulatory requirements
Skills & Experience
* 4+ years’ experience in a SOC or security operations environment
* Previous experience in a technical leadership or senior analyst role
* Strong hands-on knowledge of SIEM, SOAR, EDR, firewalls, and threat intelligence platforms
* Practical experience handling security incidents, threat hunting, and investigations
* Solid understanding of attacker tactics, techniques, and frameworks such as MITRE ATT&CK
* Proven experience working with clients in a consultative or advisory capacity
* Background working within an MSSP environment
Desirable
* CISSP, CISM, GIAC, or similar certifications
* Scripting or automation experience (Python, PowerShell, etc.)