Security Operations Manager - SOC Manager
Listed on 2026-01-13
IT/Tech
Cybersecurity, Security Manager
We’re supporting a fast-growing UK-based cyber security services provider in the search for a SOC Manager to lead a mature 24/7 Security Operations Centre.
This role sits at a senior level within the organisation and operates as a peer to the SOC Services leadership function. While SOC Services teams focus on specialist disciplines such as Detection & Tuning, Incident Response, Security Engineering, and Threat Intelligence, this role owns the day‑to‑day management of the SOC analysts and client relationships.
The position is ideal for a leader who excels in people management, operational oversight, and client communication, and who enjoys being the trusted face of the SOC to customers.
The SOC Manager will provide strategic, operational, and technical leadership for a 24/7 Security Operations Centre within a managed security services environment. The role combines people leadership, hands‑on security expertise, and client engagement, ensuring high‑quality, scalable SOC services across a diverse client base. Acting as a senior escalation point, the SOC Manager will oversee complex incidents, drive continuous improvement in detection and response capabilities, and lead the development, performance, and retention of SOC talent while maintaining strong governance and operational maturity.
Key Responsibilities
- Lead and manage a 24/7 SOC team of ~30 security analysts, ensuring high performance, engagement, and retention
- Own the operational delivery of SOC services to clients, acting as the primary senior point of contact
- Build and maintain strong, trusted client relationships, ensuring clear communication during both BAU operations and incident scenarios
- Work closely with the SOC Services leadership function to ensure seamless delivery across detection, response, engineering, and intelligence capabilities
- Act as a senior escalation point for high‑impact security incidents, ensuring calm, clear, and confident stakeholder communication
- Ensure SOC performance meets or exceeds SLAs, KPIs, and contractual commitments
- Drive continuous improvement across analyst workflows, operational processes, and service maturity
- Produce clear operational reporting for internal leadership and client‑facing reviews
- Proven experience managing a 24/7 SOC within an MSSP
- Strong people leadership experience, including managing large analyst teams in shift‑based environments
- Demonstrable experience owning client‑facing SOC delivery and relationships
- Background in security operations / blue team, with sufficient technical depth to lead incident response discussions
- Experience acting as a senior escalation point during critical incidents
- Hands‑on experience with Microsoft Sentinel
- SIEM, SOAR, EDR/XDR technologies
- Incident response processes and threat detection operations
- Service management concepts including SLAs, KPIs, and reporting
- Familiarity with frameworks such as NIST, ISO 27001, MITRE ATT&CK, or similar
- Educated to degree standard in IT Security or equivalent
- GIAC Security Operations Manager (GSOM)
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Microsoft Certified: Cybersecurity Architect Expert (SC-100)
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Information Technology
Industries: IT Services and IT Consulting