SOC Operations Manager

Hemel Hempstead (On-site)
Security Clearance - Willing and Able to go through the DV process.

Are you an experienced SOC Operations Manager ready to take the next step in your career? This is an exceptional opportunity to lead, shape, and elevate a Security Operations Centre that supports multiple high-profile customers across diverse industries.

We're looking for someone with the drive to build high‑performing teams, enhance operational excellence, and play a pivotal role in strengthening cyber resilience. You'll have the freedom to make a real impact—defining strategy, driving continual improvement, and mentoring talented analysts to deliver world‑class detection and response capabilities.

• Lead and develop a skilled SOC team, inspiring a culture of continuous learning and technical excellence.
• Oversee the full lifecycle of security incidents — from detection through to resolution and review.
• Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities.
• Drive continuous improvement through ITIL‑aligned processes and adherence to CREST standards.
• Oversee vulnerability management, threat intelligence, and incident response plans.
• Communicate security posture, risks, and incident outcomes clearly to senior stakeholders.
• Ensure operational readiness and contribute to maintaining industry accreditations.
• Have held budgetary responsibility.

• Proven experience leading SOC operations in a 24×7 or multi‑client environment.
• Strong background in incident management, threat detection, and escalation processes.
• Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel.
• A passion for developing teams — coaching analysts and building collaborative, high‑performing cultures.
• Strong understanding of frameworks and standards such as NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL.
• Excellent communication skills, with the ability to translate technical risks into clear business impacts.

• Vendor certifications such as Splunk Certified or Microsoft SC‑200.
• Security or leadership certifications (e.g., CISSP, CISM, ITIL).

This is more than just an operational role; it’s a chance to define the future of a SOC function. You'll have the platform, support, and autonomy to innovate, influence strategy, and drive measurable improvement across people, process, and technology.

If you're looking for a hands‑on leadership role where your ideas and expertise genuinely shape outcomes, this is your opportunity.

If you are interested please apply ASAP.