SOC Lead
Contract: 6 months
Location: Bath, hybrid (3 days onsite, 2 days remote)
Clearance: active SC/DV clearance required
Rate: 700 per day, outside IR35

The SOC Lead - Threat Hunting and Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses on identifying unknown threats, coordinating deep-dive investigations, and elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts.

Key Responsibilities

Threat Hunting
- Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments
- Develop and maintain threat hunting playbooks aligned to MITRE ATT&CK techniques
- Identify stealthy, low-and-slow, and novel attack patterns not detected by automated controls
- Translate threat intelligence into actionable hunt hypotheses
- Continuously refine detection logic based on hunt outcomes and emerging threats

Investigations and Incident Response
- Lead complex and high-severity security investigations from triage through containment and remediation
- Act as the technical escalation point for advanced SOC investigations
- Conduct root cause analysis and attacker kill-chain reconstruction
- Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences
- Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as ..... full job details .....