SOC Shift Lead



    It matters to us that Team O2 is as diverse as the communities we serve. 

    We welcome and encourage people from all backgrounds to apply.   

    Whoever you are, O2 has a place for you. 

    Come join us.


    Job grade: PTG/VM Level 4

    Location(s): Northampton

    Closing Date: 20/01/2023


    Virgin Media O2 is on a truly inspirational adventure. As one of the world’s most innovative communication companies and the name behind flagship brands such as O2 and Virgin, we are thinking bigger than ever before. We are taking on new challenges around the world and exploring new ways to open up the world for our millions of customers. And you could be part of it all.


    About the Team

    You will be joining a newly set up SOC (Security Operations Centre) looking after internal and external customers such as Smart Metering. The team performs a key role in the monitoring and management of SM, Corporate and Enterprise infrastructure. It acts as the central point of contact for monitoring and reacting to any event that may affect the security of the business.


    About the role

    The SOC Shift Lead will be responsible for managing a team of analysts and a Senior analyst.

    The team need to be able to deliver good and effective monitoring of all our live information environments.

    As Shift Lead, it is critical that you prioritise managing people effectively. Your team should be strong without you: confident in executing their duties, independent, and supported to learn, be inquisitive and take training courses.

    The SOC Shift Lead will be comfortable having difficult conversations and will inspire his/her team members to enjoy their careers. The Shift Lead will manage with positivity and integrity and deliver the important narratives of the Head of Security Operations.


    The Shift Lead will own difficult tasks, be responsible for report writing and escalating issues to CERT and the Head of Security Operations. They will build good troubleshooting relationships with stakeholders, and own and resolve issues with ticketing and the breaching of SLAs.


    Key Responsibilities

    Day to day the role will have the following Key Responsibilities:

    • Management of your shift team on a day-to-day basis.
    • Supporting the Analysts to monitor for events across multiple security technologies, including intruder detection systems, malware detection, file integrity systems, SIEM toolset and others as defined for this service.
    • Ensure that SOC scheduled tasks, reported events and incidents are appropriately progressed.
    • Work collaboratively with other stakeholders and shift leads on projects that can involve new monitoring opportunities and exciting projects around technologies and learning.
    • Manage security incidents in relation to the Smart Metering infrastructure and evaluate the likely impact they will have e.g., in terms of service degradation severity, security risks and duration as well as numbers of consumers affected.
    • Perform routine toolset administration and engineering where authorisations and training have been permitted.
    • Contacting parties identified in incident tickets where no authorisation is visible, escalating and resolving issues that no one is progressing.
    • Preparing incident closure reports.
    • Reviewing the ticket quality of your team.
    • Providing feedback to rule definers to improve the effectiveness of filters and rules used in the automated creation and population of incident tickets.
    • Preparation and delivery of Security, Risk, Compliance and Service reporting.


    Everything else:

    • Oversee the maintenance of SOC documentation, identify, and make improvements.
    • Support Compliance Programme activities.
    • Be innovative
    • Adopt a self-leadership style
    • Advocate for improvements
    • Be positive


    What We Need from You:

    Essential Skills:

    • Managing a team in an operational environment.
    • Extensive and recent experience of working as a SOC Senior Analyst.
    • Experience with SIEM, Analytics and Incident Management toolsets, ideally HP ArcSight, Splunk and Resilient Systems’ IRP and BMC Remedy.
    • Network management with detailed technical knowledge of networks and networking protocols in use (including TCP/IP, port usage, UDP packets and payload analysis).
    • Knowledge of ISO 27001, ITIL or ISO 20000, ISO 22301 and relevant CESG GPGs.
    • Experience with Intrusion Detection Systems (IDS) / Intrusion Prevention Systems (IPS).
    • Detailed knowledge of system administration on Windows, Linux, and Unix systems (and relevant variants).
    • An understanding of cryptography and related concepts and principles (e.g., encryption algorithms, hash functions, PKI, key exchange, certification authorities, digital signatures).
    • An understanding of cryptographic standards and protocols (e.g., PKCS, FIPS 140-2, IPSec, SSL/TLS).
    • Experience managing relationships with third parties.




    We’ll be sending you emails about the status of your application. To make sure you receive these, please add and to your Safe Senders list.


    We’re looking to pay a great compensation package (depending on experience) for this position. We also offer plenty of extras to sweeten the deal, which could include things like bonuses, life assurance cover, health care and lots of flexible benefits.  


    Also, every employee has their personal development supported with a LinkedIn learning account; plus other role specific learning available through our award-winning digital learning platform – O2 Campus. 


    We also believe a great work-life balance is important, so we’re open to considering flexible working arrangements. If you’d like to know more, feel free to raise it.


    Join us and we’ll encourage you to be bold every day. So take a deep breath, your career is about to go to exciting new places. 


    If you have any questions around the role then please email who will be happy to help.