Security Operations Manager

SOC Shift Lead – London

Salary: £46,000 – £84,000 + 25% Shift Allowance

Location: London (On‐site)

Security Requirement: DV‐clearable (does not need to hold DV at application stage)

Work Pattern: 24/7 shift rota — 14 shifts per 28‐day cycle, 12‐hour shifts, rotating nights/days

Career Level: Associate Manager

About the Role

We are seeking an experienced SOC Shift Lead to join a highly secure, high‐performance operations environment supporting sensitive UK‐based compute infrastructure.

This role is central to real‐time defensive security operations and requires a decisive leader capable of managing escalations, guiding analysts, and maintaining a strong security posture across mission‐critical systems.

You will operate within a 24/7 Security Operations Centre, leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management.

Key Responsibilities

  • Lead investigations into escalated security incidents, assessing attack vectors, scope, and business impact.
  • Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives.
  • Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders.
  • Own medium‐ and high‐severity incident response activities, producing detailed investigation documentation.
  • Tune and optimise detection content in collaboration with engineering and content‐development teams.
  • Identify detection gaps and recommend improvements to playbooks, workflows, and overall SOC maturity.
  • Mentor L1 Analysts, providing technical guidance and quality assurance on triage work.
  • Participate in SOC exercises, simulations, and continuous readiness activities.
  • Act as shift authority, managing escalations and ensuring operational stability during your rotation.

Role Requirements

  • Education: Bachelor’s degree in Cybersecurity, Computer Science, or related discipline.
  • Experience: 7–10 years in SOC operations, incident response, threat analysis, or similar defensive security roles.
  • Preferred Certifications: GCIA, GCIH, CompTIA CySA+, Microsoft SC‐200, Splunk Power User (or equivalent).
  • Technical Expertise:
      • Strong analytical mindset with deep knowledge of SIEM/EDR tooling.
      • Understanding of adversary behaviour, malware characteristics, and incident‐handling methodologies.

Shift Structure & Security Conditions

  • 14 shifts every 28 days, each 12 hours, rotating 3 nights → 4 days off → 3 days.
  • Includes a 25% shift premium based on base salary.
  • Must be British‐born and eligible for DV clearance.
  • Employment requires passing BPSS checks and meeting strict security‐history requirements.

Job Details

Company: Anson McCade

Location: London Area, United Kingdom