SOC Manager / Lead
Competitive Salary + 25 Days Holiday + Birthday Day Off + Pension + Benefits
Location: London, Birmingham or Newport
Our client is looking to hire a SOC Lead to develop and manage the security operations team within one of their HMG clients. You will work closely with the Head of SecOps, helping to shape processes and the approach to SecOps while building a highly skilled, engaged team of Analysts. As an all-rounder with excellent technical skills, you’ll share your knowledge with the team and our client, driving maturity and improvements across the SOC to ensure we are one step ahead of the game.
You’ll forge strong relationships with our client and the team, and work to develop, own and manage the SOC service we provide them, with the aim of making it best in class. Working with the wider team, you will be constantly looking for ways to improve how we deliver the best service to the client.
Our SOC Team is based across the UK in hubs located in Birmingham, London and Newport, so you’ll work to ensure that everyone feels included no matter their location. As a team we’re always looking to raise the bar on our performance, learn new things and incorporate new technologies, and you will too! You’ll share your knowledge with the team and the wider group community, contributing to Group blogs and undertaking research related to technology enhancements.
· Primarily responsible for security event monitoring, management and response
· Responsible for continuous improvement of response automation
· Ensure compliance with SLAs and KPIs, process adherence and process improvisation to achieve operational objectives
· Establish, develop, and revise processes to build and strengthen the SOC
· Provide guidance and direction on threat management and threat modelling, identify threat vectors, and develop use cases for security monitoring
· Responsible for integration of standard and non-standard logs in the SIEM
· Build: to plan, design, implement and deploy a Managed Security Service capability within defined timescales.
· Manage: support the recruitment process to hire, on-board, train, develop and motivate a team of top-tier SOC Analysts. Inspire, lead and mentor both junior and experienced team members, and manage your team to ensure they are fully engaged and performing to the best of their potential.
· Deliver: to ‘own’ the client SOC, providing a world class service to our stakeholders.
· Domain knowledge: to contribute to overall company and client strategy through awareness of current and evolving industry trends and threats.
· Communicate: to regularly provide clear and concise reports and presentations to the team and Head of SecOps.
· Formalize: Develop and maintain Standard Operating Procedures to ensure fluid and consistent on-boarding, investigations, and responses.
· Ownership: Be responsible for the quality of the service and final deliverables of your team
· Innovate: Take responsibility for improving all areas of the SOC, creating an internal Continual Service Improvement Plan to drive the maturity of the SOC
· Develop: Provide training and mentoring to other analysts
To be epic at the role you will have:
· Familiarity with documentation and process alignment with relevant industry standards and best practices (e.g., ISO27001, CIS)
· In-depth knowledge of industry compliance and regulation requirements
· Experience in security device management and SIEM operation
· Experience with Splunk ES and general playbook automation
· Experience in threat management, including but not limited to the MITRE ATT&CK framework
· In-depth knowledge of various operating systems, including but not limited to Linux, macOS and Windows
· Knowledge of applications, databases, middleware to address security threats
· Excellent communication and leadership skills
· Good analytical, problem-solving and interpersonal skills
· Experience in developing, building and managing a geo-located SOC team
· Experience and in-depth knowledge of incident management, including facilitating incident response activities (provided by a 3rd-party supplier)
· Managed a team of technically skilled SOC Analysts and Security Engineers
· Managed enterprise-level SOCs or large government SOCs.
· Developed and tuned use cases
· Experience writing playbooks
· Able to define and report against the agreed KPIs to the executive team
· Experience in resolving issues with clients at a senior level
· CREST Certified Incident Manager (CCIM) qualification useful but not essential
· Cyber Security Certifications useful but not essential
The group is a community of 110+ passionate people united by one overall mission: to make the world safer, one business at a time. We are the "one-stop shop" for all things cyber and are working to build a centre of excellence for our customers by building an amazing place to work, learn and develop for our people.
We work with a diverse range of clients, including large Governmental departments as well as other public sector organisations and businesses within the private sector. We're growing our business and our team through continuous investment in developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven, ML-based threat intelligence or rapid-start hybrid Cloud, our goal is to implement solutions that make us stand out in the market.