SOC Shift Lead

SOC Shift Lead (24/7 Shift Pattern)

Salary: Up to £84,000 + 25% Shift Allowance

Location: London (hybrid)

We are seeking an experienced SOC Shift Lead to join a high-performing cyber security operations team supporting a critical, high-security environment in London. This is a hands-on leadership role within a 24/7 SOC, operating on a structured shift pattern (no on-call requirement).

This opportunity is ideal for a seasoned cyber security professional who thrives in fast-paced environments, enjoys leading from the front, and has a strong background in incident response and threat analysis.

NOTE: Candidates must be eligible for UK Developed Vetting (DV) Clearance.

Key Responsibilities

  • Act as the escalation point for complex and high-severity security incidents
  • Lead end-to-end incident response including investigation, containment, eradication, and recovery
  • Perform deep-dive analysis to identify attack vectors, scope, and business impact
  • Correlate data across multiple security tools (SIEM, EDR, etc.) to build a complete incident picture
  • Produce detailed incident reports and root cause analysis
  • Mentor and guide L1 analysts, ensuring high operational standards across the shift
  • Support continuous improvement of detection rules, playbooks, and SOC processes
  • Take ownership of SOC operations during your shift, acting as the senior authority in the absence of senior management

Required Experience & Skills

  • 7+ years’ commercial experience within SOC, Incident Response, or Threat Detection environments
  • Strong expertise with SIEM and EDR platforms, threat analysis, and incident handling methodologies
  • Proven ability to lead and coordinate response to medium-to-high severity incidents
  • Solid understanding of malware behaviour, attack techniques, and cyber threat landscapes
  • Experience mentoring or leading junior analysts in a SOC environment
  • Ability to operate effectively under pressure in a 24/7 shift-based environment

Desirable

  • Relevant certifications such as GCIA, GCIH, CompTIA CySA+, SC-200, or Splunk certifications
  • Experience working in highly secure, regulated, or sensitive environments

If you are a hands-on SOC leader who can take control of high-severity incidents and drive real-time cyber defence, apply today.

Job Details

Company: Anson McCade

Location: United Kingdom
Hybrid / Remote Options