SOC Operations Manager

Are you a SOC Operations Manager ready for your next challenge?

Sopra Steria’s Cyber Practice is seeking a SOC Manager to lead, shape, and elevate our Security Operations Centre. In this role, you will oversee security operations supporting multiple high-profile clients across diverse industries, driving excellence, innovation, and operational efficiency.

You will ensure the SOC operates at peak performance while continually improving processes, with a strong focus on ITIL service management principles and full alignment with CREST standards.

You will mentor and lead a skilled team of analysts, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment.

• Lead and Develop the SOC Team - mentor, coach, and manage analysts and incident responders, fostering a high-performing, continuously learning team.
• Oversee Incident Management - manage the full lifecycle of security incidents, ensure SLA compliance, and maintain escalation protocols.
• Drive Threat Intelligence & Vulnerability Management - direct threat intelligence collection, analyse risks, and coordinate vulnerability remediation efforts.
• Optimise SOC Operations - maintain and enhance operational documentation, processes, and tools, ensuring alignment with CREST and ITIL standards.
• Data-Driven Security Insights - monitor, analyse, and report on security events, trends, and risks, providing actionable insights for senior stakeholders.
• Champion Continuous Improvement - promote best practices in threat detection, incident response, training, and SOC performance reporting.

• Proven experience leading SOC teams in a 24×7 environment within an MSSP, driving operational excellence and continuous improvement.
• Familiarity with NIST Cybersecurity Framework, MITRE ATT&CK, Splunk, Microsoft Sentinel, and ISO 27001.
• Ability to harness data analysis to detect threats, identify trends, and deliver actionable insights.
• Strong track record in threat detection, incident management, and escalation handling.
• Skilled in coaching analysts, building high-performing teams, and managing effective shift patterns.
• Confident communicator, able to translate complex technical risks into clear business impacts for senior stakeholders.
• Working knowledge of the CREST SOC Maturity Model.
• Experience applying ITIL processes across incident, problem, and change management.

• Vendor-specific accreditations (e.g., Splunk Certified, Microsoft SC-200).
• Relevant security or management certifications.

If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply, we’d love to hear from you!

Full Time, Permanent

Hemel Hempstead

ideally SC or DV Cleared, willing to obtain DV clearance

Lee

Negotiable on experience

Bonus, £6,600 car allowance, 25 days annual leave with the option to buy additional days, private health care, life assurance, pension, and generous flexible benefits fund

Sopra Steria’s Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client’s goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK’s most complex safety- and security-critical markets.