SOC Principal - Threat Operations

Job in Milton Keynes, Buckinghamshire, MK1, England, UK
Listing for: Bluecube Technology Solutions - An Ekco Company
Full Time position
Listed on 2025-12-30
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager

About Ekco

Founded in 2016, Ekco is now one of the fastest-growing cloud and security solution providers in Europe. We specialise in enabling companies to progress along the path of cloud maturity, cybersecurity and managing transformation, and in driving better outcomes from our clients’ existing technology investments. We are the people who power your possible. We have over 600 highly talented and supportive colleagues across a number of regional offices in Ireland, the Netherlands and the UK.

Role

We are seeking a Threat Operations Principal to act as the technical authority driving the evolution of our SOC capability. The Threat Operations team focuses on advancing detection capability, hunting practices, and investigative standards to ensure the SOC remains ahead of emerging threats. By shaping how complex threats are identified and handled, the Principal sets the benchmark for technical excellence across the team.

As a senior escalation point, the Principal provides deep technical guidance to analysts while fostering a culture of continual improvement. Working closely with Detection Engineering, Threat Intelligence, and Incident Response, you will play a key role in maturing detection coverage, refining response workflows, and building the SOC’s long‑term resilience against advanced adversaries.

Key Responsibilities

Operational Leadership

  • Lead and oversee investigations into complex or ambiguous threats escalated from the SOC.
  • Conduct root cause analysis and post‑incident reviews, ensuring lessons learned feed back into operations.
  • Identify and close detection gaps by collaborating with Detection Engineering on new, tuned, or improved rules.
  • Drive proactive threat hunting initiatives using intelligence, behavioural indicators, and anomaly detection.
  • Validate high‑severity alerts for both technical accuracy and business impact.

Capability & People Leadership

  • Act as the escalation point for technical investigations and threat‑related queries from Senior Analysts.
  • Provide technical mentoring, informal upskilling, and guidance to SOC analysts.
  • Contribute to the development, testing, and refinement of SOC SOPs, playbooks, and the detection lifecycle.
  • Participate in evaluating and tuning SOC tools and workflows (SIEM, SOAR, EDR, enrichment, automation).
  • Develop and enhance SOC capabilities, including enrichment logic, automation use cases, and threat hunting frameworks.
  • Collaborate with Threat Intelligence to generate hunting leads and contribute insights back into CTI production.

Client Assurance & Representation

  • Represent SOC technical expertise in internal and client‑facing service reviews.
  • Provide expert support and guidance for client incidents escalated to SOC leadership.

Key Requirements

  • Proven experience working within an MSSP.
  • Strong expertise in SOC technologies (SIEM, EDR, SOAR, etc.).
  • In‑depth expertise in the analysis of logs, artefacts, security events, IOCs, and tactics, techniques and procedures (TTPs).
  • Proven ability to mentor and develop SOC analysts and act as a technical escalation point.
  • Confidence representing SOC technical expertise in client‑facing discussions and incident reviews.
  • Strong analytical mindset with the ability to identify and drive strategic improvements across SOC operations.
  • Experience collaborating with cross‑functional teams (Threat Intelligence, Detection Engineering, Incident Response) to strengthen detection and response capabilities.
  • Deep understanding of the cyber kill chain and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST, CIS) and threat landscapes.
  • Proven ability to handle high‑pressure situations, make critical decisions, and manage complex incidents.
  • Excellent communication and interpersonal skills, both verbal and written, to manage stakeholder and client relationships effectively.
  • Strong organisational and administrative skills, with attention to detail.
  • Good problem‑solving abilities with a proactive focus on finding innovative and practical solutions.
  • Ability to work collaboratively in a fast‑paced environment.

What’s in it for you?

  • Time off – 25 days…