Hiring Now: SOC Lead Near You – Apply Today!

Your Next SOC Lead Job Starts Here – Apply Now!

SOC Lead

Job Posted: 15 hours ago

Salary: £ 600 - 700 / Day
Job Type: Contract
Location: Bath, Somerset

Expire in: a month

Job Description

SOC Lead 

6 months 

Bath - hybrid x3 days onsite x2 remote 

Active SC/DV clearance required 

£700 per day outside IR35 

The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses on identifying unknown threats, coordinating deep-dive investigations, and elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts.

Key Responsibilities

Threat Hunting

Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments
Develop and maintain threat hunting playbooks aligned to MITRE ATT&CK techniques
Identify stealthy, low-and-slow, and novel attack patterns not detected by automated controls
Translate threat intelligence into actionable hunt hypotheses
Continuously refine detection logic based on hunt outcomes and emerging threatsInvestigations & Incident Response

Lead complex and high-severity security investigations from triage through containment and remediation
Act as the technical escalation point for advanced SOC investigations
Conduct root cause analysis and attacker kill-chain reconstruction
Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences
Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as requiredSOC Technical Leadership

Define investigation standards, workflows, and quality benchmarks
Mentor and upskill SOC analysts in hunting methodologies and investigative techniques
Review and improve alert fidelity, detection coverage, and response effectiveness
Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platformsDetection Engineering & Improvement

Collaborate with detection engineers to convert hunt findings into new or improved detections
Identify visibility gaps and recommend logging, telemetry, and tooling improvements
Validate detection performance through purple team activities and simulationThreat Intelligence & Collaboration

Consume and operationalise internal and external threat intelligence
Maintain awareness of attacker tactics, tools, and campaigns relevant to the organisation
Act as a key interface between SOC, Threat Intel, Red Team, and Vulnerability ManagementReporting & Metrics

Track and report on hunt coverage, outcomes, dwell time, MTTR, and investigation quality
Provide regular insights to senior leadership on threat trends and risk postureRequired Skills & Experience

Technical Experience

7+ years in Security Operations, Threat Hunting, or Incident Response
Proven experience leading investigations involving advanced persistent threats, insider threats, or targeted attacks
Strong hands-on expertise with:
SIEM platforms (e.g. Sentinel, Splunk, Elastic)
EDR/XDR solutions (e.g. Defender, CrowdStrike, SentinelOne)
Network and cloud security telemetry
Strong understanding of: 
MITRE ATT&CK
Windows, Linux, and cloud attack techniques
Malware behaviours, credential abuse, lateral movement, and persistence mechanismsLeadership & Soft Skills

Demonstrated ability to lead and mentor technical teams
Strong investigative mindset with attention to detail
Excellent written and verbal communication skills
Ability to translate technical findings into business and risk contextDesirable Skills

Experience with detection engineering or SOAR automation
Purple team or red team collaboration experience
Forensic analysis experience (memory, disk, network)
Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR)Apply now to be part of this impactful opportunity

Before You Apply

Do not include the following in your job application, CV, or cover letter:

Bank details.
National Insurance number.
Date of birth.

You should not be asked for payment or irrelevant information. If you have concerns about a job advert or employer, seek guidance on how to proceed.

Looking for your next career move? Join a top company hiring SOC Lead job near me in Bath, Somerset! This is your chance to work on exciting projects, grow professionally, and enjoy a rewarding career with competitive pay and excellent benefits. Whether you're an experienced professional or looking to take the next step, this role offers the perfect opportunity to enhance your skills and make an impact. Don’t miss out—apply today via Vita CV and take your career to the next level!