Lead SOC Analyst (L3)
Location: London (hybrid, shift work: incl. days & nights)
Salary: up to £65,000 (depending on experience) + 25% Shift Allowance
NOTE: Due to the nature of the work, you must be eligible for UK DV Security Clearance.
We’re building a high-performing Security Operations capability to support cutting-edge, high-density compute environments. This is a pivotal opportunity for an experienced Lead SOC Analyst to step into a technically demanding, high-impact role within a 24/7 operation.
As a Lead SOC Analyst (L3), you’ll act as the escalation point for complex and high-severity incidents, driving investigations from detection through to resolution.
Key responsibilities include:
* Leading investigations into advanced security incidents, identifying attack vectors, scope, and business impact
* Correlating data across multiple sources (SIEM, EDR, network, cloud) to build a complete incident narrative
* Executing and coordinating containment, eradication, and recovery actions
* Producing detailed incident reports and root cause analyses
* Tuning detection rules and improving alert fidelity alongside engineering teams
* Mentoring and guiding L1/L2 analysts within the SOC
* Contributing to continuous improvement of playbooks, tooling, and detection coverage
* Participating in SOC simulations and incident response exercises
* Operating as part of a 24/7 shift-based SOC team
What We’re Looking For
* 3+ years’ experience in a SOC, Incident Response, or Threat Analysis role
* Strong hands-on expertise with SIEM and EDR platforms
* Deep understanding of attacker tactics, techniques, and procedures (TTPs)
* Proven experience handling high-severity incidents end-to-end
* Solid knowledge of malware behaviour and forensic investigation techniques
* Strong analytical mindset with the ability to think critically under pressure
Preferred certifications:
* GCIA, GCIH, CompTIA CySA+
* Microsoft SC-200
* Splunk Power User (or equivalent)
If you’re a technically sharp, incident-driven SOC leader, apply today.