SOC Operations Manager

We are looking for a dynamic and experienced SOC Operations Manager to lead and shape the delivery of our Security Operations Centre (SOC) services. In this pivotal role, you will be responsible for ensuring the SOC operates at peak performance while driving continual improvement, with a strong focus on ITIL service management principles and full alignment with CREST standards.

Based on-site in Hemel Hempstead, this is an outstanding opportunity for a SOC Operations Manager with proven experience in monitoring and analysing security threats for multiple customers. You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation's digital environment. Communications with key business partners is key regarding risks, threats and SOC performance.

Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital.

What you will be doing:

• Lead, mentor, and develop SOC analysts and incident responders.
• Provide technical direction, conduct performance reviews, and foster continuous improvement.
• Oversee full lifecycle of security incidents from detection to resolution.
• Ensure compliance with SLAs and escalation protocols.
• Maintain and enhance incident response plans and procedures.
• Direct threat intelligence collection and analysis.
• Manage vulnerability assessments and coordinate remediation.
• Monitor and analyse security events across multiple platforms.
• Identify, assess, and escalate threats and vulnerabilities.
• Maintain and evolve SOC operational documentation and processes.
• Deliver training, mentorship, and knowledge sharing across the team.
• Ensure tool proficiency and promote a culture of continuous learning.
• Communicate effectively with senior stakeholders on risks and incidents.
• Provide regular SOC performance reports and updates.
• Ensure SOC operations adhere to CREST and ITIL standards.
• Support accreditation maintenance and operational readiness.

What you will bring:

• Demonstrated experience leading Security Operations Centre (SOC) teams in a 24×7 environment, driving operational excellence and continuous improvement.
• Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights.
• Strong track record in threat detection, incident management, and escalation handling.
• Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic.
• Skilled in coaching analysts, building high-performing teams, and managing effective shift models.
• Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders.
• Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK.
• Understanding of ISO 27001 standards and compliance best practices.
• Working knowledge of the CREST SOC Maturity Model.
• Experience applying ITIL processes across incident, problem, and change management.
• Vendor-specific accreditations (e.g. Splunk Certified, Microsoft SC-200).
• Relevant security or management certifications.

If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you

Although this role is advertised as full-time, we support different ways of working and can offer a range of flexible working arrangements. So, if you're interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible.

**Employment Type: Full Time, Permanent

Location: Hemel Hempstead ON-SITE

Security Clearance Level: ideally SC or DV Cleared, willing to obtain DV clearance

Internal Recruiter: Lee

Salary: £80-£90k

Benefits: Car Allowance, 25 days annual leave with the option to buy additional days, private health care, life assurance, pension, and generous flexible benefits fund (3% of base salary).
Loved reading about this job and want to know more about us?**
Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.

We embrace difference as a source of creativity, innovation and competitive advantage and are striving to become a more diverse organisation. We welcome applications from people with a diverse variety of backgrounds and identities. We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status. We have partnered with Vercida, the UK's largest diversity and inclusion focused careers site, where all our vacancies are available in an accessible format.

If you require any adjustments to the recruitment process, to enable you to perform to the best of your ability, please let us know when completing your application. We participate in the Disability Confident scheme and are committed to offering an interview to any candidate with a disability, who meets the minimum criteria for the role. If you believe this could apply to you, please let us know when completing your application.