SOC Manager
Barclay Simpson - Guildford, South East England
Job Description
SOC Manager required for innovative MSP. You will lead the strategic direction, performance, and day-to-day operations of their Security Operations Centre (SOC). As a central figure in security services, you'll ensure the efficient detection, analysis, and response to cyber threats across a diverse client portfolio. This leadership role involves mentoring your team, enhancing our security processes, and driving ongoing improvements in threat detection and incident response capabilities.

Key Responsibilities

Team Leadership & Development
Lead and mentor a team of SOC analysts, fostering a collaborative, high-performing environment.
Manage team scheduling, conduct performance reviews, and support professional growth and development.

SOC Operations Oversight
Supervise 24/7/365 monitoring of client environments, ensuring consistent adherence to SLAs for threat detection and incident response.
Drive operational efficiency and ensure timely escalation and resolution of security incidents.

Incident Response Management
Serve as the main escalation point for significant security incidents.
Coordinate response efforts and ensure clear communication with both internal teams and external clients.

Process & Workflow Optimization
Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness.

Technology Oversight
Ensure the reliability and performance of security tools, including SIEM and EDR platforms.
Lead the evaluation, selection, and implementation of new security technologies and enhancements.

Reporting & Analytics
Develop and maintain KPIs and metrics to assess SOC performance.
Deliver regular reports and insights to senior leadership and clients on security trends and incident management.

Client Relationship Management
Act as a trusted advisor to clients, contributing to service reviews and providing expert security guidance.

Required Experience & Skills

Proven experience working in a Security Operations Centre (SOC) or related cybersecurity environment.
Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications.
Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (e.g., SQL, KQL).
Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments.
Excellent communication skills, both verbal and written, with the ability to translate technical information for non-technical audiences.
Previous experience in an incident response role and a solid understanding of IR processes.
Demonstrated experience leading or managing a security-focused team.
Understanding of key security frameworks and standards, such as ISO 27001, NIST, and CREST.
Created: 2025-10-11