Crawley, England, United Kingdom of Great Britain and Northern Ireland
Full Time
1 day ago
No Sponsorship
Key skills
React, AI/ML, Analytics, Leadership, Communication
About this role
Role Overview
Manages daily SOC operations including shift scheduling, on-call rotation management, alert queue oversight, escalation management, and analyst performance
Maintains personal on-call availability to support after-hours escalations, critical security incidents, and operational continuity as required
Ensures adequate staffing and coverage across all SOC shifts, including nights, weekends, and holidays as operationally required
Owns and maintains security technology platforms, ensuring proper tuning, rule management, and integration with threat intelligence feeds
Develops, maintains, and enforces SOC runbooks, playbooks, and standard operating procedures for alert triage and incident response
Oversees the triage, containment, and escalation of security incidents in alignment with the Incident Response (IR) lifecycle
Monitors and reports on SOC performance metrics including MTTD (Mean Time to Detect), MTTR (Mean Time to Respond), alert volume, and SLA adherence
Evaluates, deploys, and governs AI/ML-based security tools including behavioral analytics, anomaly detection, and automated alert triage platforms
Monitors the evolving landscape of adversarial AI threats (e.g., AI-generated phishing, deepfakes, automated exploit generation) and adjusts SOC defensive posture accordingly
Develops policy and governance frameworks around the use of AI in SOC operations, including acceptable use, model risk, and auditability
Coordinates with IT, threat intelligence, and IR teams to ensure seamless escalation and handoff of confirmed incidents
Conducts regular reviews of threat intelligence to align SOC detection capabilities with current attack trends and TTPs
Supports light threat intelligence operations including IOC ingestion, threat feed management, and MITRE ATT&CK framework alignment
Recruits, develops, and retains SOC analyst talent; conducts regular performance reviews and provides ongoing coaching
Communicates SOC operational status, incident summaries, and risk posture to functional leadership and stakeholders
Ensures SOC operations align with applicable security policies, standards, and regulatory requirements
Requirements
Bachelor's degree + 2 years relevant work experience OR 6 years relevant work experience.
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
An understanding of organizational mission, values, and goals and consistent application of this knowledge
Ability to react to high-pressure, dynamically changing environments
Experience with and understanding of the impact that emerging business needs and technologies have on information security requirements and architecture
Demonstrated technical experience in existing security and IT systems and an ability to keep pace with changing security and IT technologies
Strong interpersonal skills, with an emphasis on the ability to effectively influence others
Strong documentation and communication skills, an ability to draft clear, comprehensive reports and to translate complex technical findings into summaries for stakeholders and leadership
A team-focused mentality with a proven ability to work effectively with diverse stakeholders and to lead information security employees to success
Ability to acquire, manage, retain, and grow talented employees, combined with a high sense of urgency, personal integrity, the highest ethical standards and values, and an innate drive to win