
SOC Lead

  • Hybrid-WFH/Surrey 3 days a week
  • Negotiable
SOC lead required for innovative MSP. You will lead the strategic direction, performance, and day-to-day operations of their Security Operations Centre (SOC). As a central figure in security services, you’ll ensure the efficient detection, analysis, and response to cyber threats across a diverse client portfolio. This leadership role involves mentoring your team, enhancing our security processes, and driving ongoing improvements in threat detection and incident response capabilities.

Key Responsibilities

Team Leadership & Development

  • Lead and mentor a team of SOC analysts, fostering a collaborative, high-performing environment.
  • Manage team scheduling, conduct performance reviews, and support professional growth and development.

SOC Operations Oversight

  • Supervise 24/7/365 monitoring of client environments, ensuring consistent adherence to SLAs for threat detection and incident response.
  • Drive operational efficiency and ensure timely escalation and resolution of security incidents.

Incident Response Management

  • Serve as the main escalation point for significant security incidents.
  • Coordinate response efforts and ensure clear communication with both internal teams and external clients.

Process & Workflow Optimization

  • Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness.

Technology Oversight

  • Ensure the reliability and performance of security tools, including SIEM and EDR platforms.
  • Lead the evaluation, selection, and implementation of new security technologies and enhancements.

Reporting & Analytics

  • Develop and maintain KPIs and metrics to assess SOC performance.
  • Deliver regular reports and insights to senior leadership and clients on security trends and incident management.

Client Relationship Management

  • Act as a trusted advisor to clients, contributing to service reviews and providing expert security guidance.

Required Experience & Skills

  • Proven experience working in a Security Operations Centre (SOC) or related cybersecurity environment.
  • Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications.
  • Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (e.g., SQL, KQL).
  • Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments.
  • Excellent communication skills, both verbal and written, with the ability to translate technical information for non-technical audiences.
  • Previous experience in an incident response role and a solid understanding of IR processes.
  • Demonstrated experience leading or managing a security-focused team.
  • Understanding of key security frameworks and standards, such as ISO 27001, NIST, and CREST.

We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know.

Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.

Jeff Mayger – Interim Security

Executive Consultant
