SOC MANAGER, Watford, UK
ABOUT THE CLIENT
Our client is a well-established technology and security services provider, delivering critical cyber capabilities to organisations across multiple sectors, including highly regulated industries such as Government, Defence, and Financial Services.
With a strong commitment to CREST standards and ITIL-aligned service delivery, they are investing heavily in growing their Security Operations capability and are looking for an experienced SOC Manager to lead from the front and drive operational maturity across a diverse client portfolio.
WHY THIS ROLE?
This is not a maintenance role. You will have genuine influence.
- Own the end-to-end performance of a mature, multi-client SOC
- Drive real improvements to tooling, playbooks, and threat detection capability
- Mentor and develop a team of skilled Analysts and Incident Responders
- Engage directly with senior stakeholders and shape security strategy
- Work within a collaborative leadership team that values your expertise
WHAT YOU'LL DO
As SOC Manager, you will carry full operational responsibility for service delivery, performance, and continuous improvement.
Leadership & Team Development
- Lead, mentor, and develop a team of SOC Analysts and Incident Responders
- Conduct regular performance reviews and create structured development plans
- Foster a culture of continuous improvement and operational excellence
Incident Management
- Oversee the full incident lifecycle, from detection through containment and resolution
- Ensure SLA adherence, clear escalation paths, and consistent client communication
- Maintain, test, and continuously improve incident response plans and playbooks
Threat Intelligence & Vulnerability Oversight
- Direct threat intelligence collection and analysis to support proactive defence strategies
- Oversee vulnerability management, ensuring timely identification and remediation
- Leverage data analysis to detect trends and deliver actionable insights to clients
Standards, Compliance & Reporting
- Embed CREST-aligned and ITIL-driven best practice into day-to-day operations
- Support ongoing CREST accreditation and audit readiness
- Provide regular performance reporting to senior stakeholders across the client base
WHAT WE'RE LOOKING FOR
Essential
- Proven experience leading or managing a Security Operations Centre
- Strong background in security monitoring, incident response, and threat detection
- Experience developing and maintaining SOC playbooks and standard operating procedures
- Solid working knowledge of the MITRE ATT&CK framework
- Hands-on experience with SIEM or XDR platforms, e.g. Microsoft Sentinel, Splunk, or ELK
- Excellent stakeholder management and communication skills
- Understanding of ITIL service management principles
- Experience working with multiple clients across different industry sectors
Desirable
- Knowledge of NIST, ISO 27001, or other relevant security frameworks
- CISM, CISSP, or CREST SOC Manager / Analyst certification
- Experience in regulated environments such as Government, Defence, or Financial Services
THE BENEFITS
- Career progression within a growing, well-funded cyber function
- Exposure to complex, multi-client security environments across regulated sectors
- Ongoing professional development and certification support
- Real opportunity to influence security strategy, tooling, and process improvement
- Collaborative and supportive leadership team