Security Operations Center Analyst

Lead SOC Analyst (L3)

Location: London (hybrid, shift work: incl. days & nights)

Salary: up to £65,000 (depending on experience) + 25% Shift Allowance

NOTE: Due to the nature of the work, you must be eligible for UK DV Security Clearance.

We’re building a high-performing Security Operations capability to support cutting-edge, high-density compute environments. This is a pivotal opportunity for an experienced Lead SOC Analyst to step into a technically demanding, high-impact role within a 24/7 operation.

As a Lead SOC Analyst (L3), you’ll act as the escalation point for complex and high-severity incidents, driving investigations from detection through to resolution.

Key responsibilities include:

  • Leading investigations into advanced security incidents, identifying attack vectors, scope, and business impact
  • Correlating data across multiple sources (SIEM, EDR, network, cloud) to build a complete incident narrative
  • Executing and coordinating containment, eradication, and recovery actions
  • Producing detailed incident reports and root cause analyses
  • Tuning detection rules and improving alert fidelity alongside engineering teams
  • Mentoring and guiding L1/L2 analysts within the SOC
  • Contributing to continuous improvement of playbooks, tooling, and detection coverage
  • Participating in SOC simulations and incident response exercises
  • Operating as part of a 24/7 shift-based SOC team

What We’re Looking For

  • 3+ years’ experience in a SOC, Incident Response, or Threat Analysis role
  • Strong hands-on expertise with SIEM and EDR platforms
  • Deep understanding of attacker tactics, techniques, and procedures (TTPs)
  • Proven experience handling high-severity incidents end-to-end
  • Solid knowledge of malware behaviour and forensic investigation techniques
  • Strong analytical mindset with the ability to think critically under pressure

Preferred certifications:

  • GCIA, GCIH, CompTIA CySA+
  • Microsoft SC-200
  • Splunk Power User (or equivalent)

If you’re a technically sharp, incident-driven SOC leader, apply today.

Job Details

Company: Anson McCade
Location: City of London, London, United Kingdom