Director, Security Operations Center - Global Security Office

Description

Please note that this role is London based, working Mon-Fri 9am to 6pm with 3 days in the office and 2 from home.

Director, Security Operations Center

About Alvarez & Marsal

Alvarez & Marsal (A&M) is a global consulting firm with over 10,000 entrepreneurial, action and results-oriented professionals in over 40 countries. We take a hands-on approach to solving our clients' problems and assisting them in reaching their potential. Our culture celebrates independent thinkers and doers who positively impact on our clients and shape our industry. The collaborative environment and engaging work—guided by A&M's core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity—are why our people love working at A&M.

The Team
Alvarez and Marsal Global Security Office is committed to delivering the highest standards of security and compliance. We are seeking a highly skilled and motivated Director to lead A&M’s Security Operations Center (SOC) and join our dynamic and growing team based in either our London or Tampa office.

How you will contribute
The Director of SOC will play a critical role in, overseeing the 24/7/365 monitoring, detection, and response to cybersecurity threats and incidents, ensuring operational excellence, threat intelligence integration, and alignment with the organization’s security objectives.

The ideal candidate is a proven cybersecurity leader with a deep understanding of security operations, threat landscapes, incident response, and team leadership. This individual will play a key role in shaping the future of our cyber defense capabilities.

Responsibilities:

• Lead and manage the daily operations of the Security Operations Center, including managing a multi-tiered team of managers, analysts, and incident responders.
• Develop and execute SOC strategy, goals, and KPIs in alignment with organizational cybersecurity and business objectives.
• Oversee incident detection, triage, investigation, and coordinated response efforts to mitigate threats in real time.
• Ensure continuous improvement of security monitoring tools, automation, playbooks, and threat detection capabilities.
• Collaborate with other cybersecurity teams, IT, legal, compliance, and business units to ensure an integrated approach to incident handling and threat mitigation.
• Manage relationships with third-party vendors, MSSPs, and threat intelligence providers.
• Prepare and present metrics, risk assessments, and incident reports to executive leadership and board-level stakeholders.
• Lead post-incident reviews to improve processes and resilience.
• Maintain up-to-date knowledge of the threat landscape, emerging technologies, and compliance requirements.
• Develop training and professional development plans to continuously grow team capabilities.

Preferred Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s preferred).
• Extensive experience in cybersecurity leadership within a SOC or incident response function.
• Strong knowledge of security technologies, SIEM platforms (e.g., Chronicle, Splunk, QRadar), EDR tools, firewalls, and network security.
• Experience with security frameworks and regulations (NIST, ISO 27001, MITRE ATT&CK, CIS, etc.).
• Demonstrated experience leading security incident investigations and crisis response.
• Excellent leadership, communication, and project management skills.
• Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly preferred.

Preferred Skills:
• Experience managing global or follow-the-sun SOC operations.
• Familiarity with cloud security operations (AWS, Azure, GCP).
• Proficiency with automation and orchestration tools (SOAR platforms).
• Strong analytical mindset and the ability to make high-pressure decisions.