Location: Central London, Greater London - United Kingdom
Type: Permanent
Security Operations Shift Lead - London
Salary: £46,000 - £84,000 + 25% Shift Allowance
Location: London (On-site)
Security Requirement: DV-clearable (does not need to hold DV at application stage)
Work Pattern: 24/7 shift rota - 14 shifts per 28-day cycle, 12-hour shifts, rotating nights/days
Career Level: Associate Manager
About the Role of Security Operations Shift Lead
We are seeking an experienced SOC Shift Lead to join a highly secure, high-performance operations environment supporting sensitive UK-based compute infrastructure.
This role is central to real-time defensive security operations and requires a decisive leader capable of managing escalations, guiding analysts, and maintaining a strong security posture across mission-critical systems.
You will operate within a 24/7 Security Operations Centre, leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management.
Key Responsibilities of the Security Operations Shift Lead
Lead investigations into escalated security incidents, assessing attack vectors, scope, and business impact.
Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives.
Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders.
Own medium- and high-severity incident response activities, producing detailed investigation documentation.
Tune and optimise detection content in collaboration with engineering and content-development teams.
Identify detection gaps and recommend improvements to playbooks, workflows, and overall SOC maturity.
Mentor L1 Analysts, providing technical guidance and quality assurance on triage work.
Participate in SOC exercises, simulations, and continuous readiness activities.
Act as shift authority, managing escalations and ensuring operational stability during your rotation.
Role Requirements of the Security Operations Shift Lead
Education: Bachelor's degree in Cybersecurity, Computer Science, or related discipline.
Experience: 7-10 years in SOC operations, incident response, threat analysis, or similar defensive security roles.
Preferred Certifications: GCIA, GCIH, CompTIA CySA+, Microsoft SC-200, Splunk Power User (or equivalent).
Technical Expertise:
Strong analytical mindset with deep knowledge of SIEM/EDR tooling.
Understanding of adversary behaviour, malware characteristics, and incident-handling methodologies.
Shift Structure & Security Conditions of the Security Operations Shift Lead
14 shifts every 28 days, each 12 hours, rotating 3 nights → 4 days off → 3 days.
Includes a 25% shift premium based on base salary.
Must be British-born and eligible for DV clearance.
Employment requires passing BPSS checks and meeting strict security-history requirements.