The Role
The SOC Manager is responsible for managing and maintaining the security operations centre's day-to-day activities, including mentoring, supervising and developing SOC staff, developing and implementing security protocols, and ensuring the detection, analysis, response and resolution of security incidents. The role requires leadership in incident response, detection engineering, threat intelligence, and vulnerability management, while collaborating with other teams across the business to ensure enterprise-wide security measures are effective.
UKSV is required for this position. Candidates must possess or be eligible to obtain clearance.
Role Responsibilities
Key responsibilities include, but are not limited to:
Leadership and Team Management:
* Lead and manage a team of SOC analysts and security engineers, ensuring operational excellence and maintaining high levels of motivation.
* Create and maintain shift schedules for the SOC team to ensure continuous coverage.
* Develop and implement training programs to enhance the team’s skill set and knowledge in cybersecurity best practices.
* Conduct performance evaluations, mentoring, and career development for SOC staff.
Incident Management:
* Lead the incident response process, ensuring that security incidents are properly identified, triaged, investigated, and resolved.
* Develop and refine incident response procedures, playbooks, and escalation protocols.
* Coordinate with internal stakeholders (e.g., IT, legal, risk management) to respond to security incidents.
* Ensure that all incidents are properly documented and that lessons learned are integrated into security processes.
Threat Monitoring and Detection:
* Oversee real-time security monitoring activities to detect potential security threats or vulnerabilities.
* Ensure the proper configuration and use of security tools, such as SIEM (Security Information and Event Management) systems, intrusion detection systems (IDS), and firewalls.
* Collaborate with other security and IT teams to identify and mitigate risks proactively.
Strategic Planning and Process Improvement:
* Develop SOC strategies, policies, and procedures to improve overall security operations and incident response capabilities.
* Ensure continuous improvement of SOC operations through regular assessments, audits, and performance reviews.
* Stay current on the latest cybersecurity trends, threats, and technology developments to inform security strategy and improvements.
* Manage relationships with external partners, vendors, and managed security service providers (MSSPs).
Compliance and Reporting:
* Ensure compliance with industry standards, regulations, and internal security policies.
* Prepare regular reports and metrics for senior management on SOC operations, incidents, and overall security posture.
* Ensure that logs, reports, and evidence are maintained in a way that supports regulatory and legal requirements.
Budget and Resource allocation:
* Develop and manage the SOC budget, ensuring efficient use of resources and optimal toolset performance.
* Recommend investments in security technologies and upgrades based on risk assessments and identified gaps.
Education and Experience Requirements
As the SOC Manager, you will have:
Experience:
* 5+ years of experience in cybersecurity, with at least 2-3 years in a SOC or incident response environment.
* Proven experience leading security teams in a SOC or similar environment.
* Strong background in security monitoring tools, incident detection, and response protocols.
Education:
* Bachelor’s degree in Computer Science, Information Security, or a related field or equivalent experience.
Certifications:
* Relevant cybersecurity certifications such as CISSP, CISM, CEH, GCIA, GCIH, or others are highly desirable.
Technical Skills:
* Proficiency in using security tools and technologies (SIEM, IDS/IPS, EDR, firewalls, etc.).
* Strong knowledge of cybersecurity frameworks (NIST, ISO 27001, MITRE ATT&CK).
* Understanding of network protocols, malware analysis, threat intelligence, and vulnerability management.
* Familiarity with scripting and automation for security operations.
Soft Skills:
* Excellent leadership and team management abilities.
* Strong communication skills to collaborate with both technical and non-technical stakeholders.
* Ability to work well under pressure and manage multiple incidents simultaneously.
* Strong problem-solving skills and analytical thinking.
Working Environment:
* Full-time, onsite in our new NOC / SOC workspace.
* Ability to work flexible hours, including after-hours support when necessary.
* On-call rotation for critical incident management.
Already work with us. Internal applicants please send your CV direct to recruitment.
The Company
SecureCloud+ specialises in providing fully managed secure ICT services to the UK's Defence and Security sectors, as well as other government departments with complex and demanding security requirements. SecureCloud+ prides itself on its successful track-record of delivering real benefits to its customers, but also on its ethos of investing in its employees’ personal and professional growth.
Are you ready to embark on this exciting career opportunity? We look forward to welcoming you to our esteemed team at SecureCloud+.
SecureCloud+ is an equal opportunities employer and does not discriminate based on age, sex, colour, religion, race, disability, or sexual orientation. Our hiring decisions are based on an individual’s experience and qualifications for the job advertised.