SOC Manager - Contract - Inside IR35 - Hybrid London

SOC Manager - Contract - Inside IR35 - Hybrid London

1-2 days per week on site, the rest remote

Market rate - inside IR35

Description

We're looking for a SOC Manager to join our team in London, United Kingdom in a hybrid working mode. In this role, you will lead the Security Operations Center's day-to-day functions, focusing on operational excellence in incident management and response. This position ensures round-the-clock coverage, drives team performance, and maintains a high standard for incident handling and escalation. By providing leadership in Real Time threat detection and response, you will strengthen organizational resilience and safeguard critical systems against evolving cyber threats.

Responsibilities

• Lead and oversee incident management and response processes within the SOC
• Manage shift coverage, ensuring continuous and effective operation
• Monitor and analyze key performance metrics such as ticket volumes, quality and response times
• Direct Real Time threat detection and response activities
• Coordinate and guide investigations to resolve security incidents promptly
• Maintain and improve incident response processes and documentation for compliance
• Collaborate with stakeholders to escalate and resolve high-impact issues
• Promote a culture of continuous improvement in operational efficiency
• Coach and mentor SOC analysts, providing performance feedback and guidance
• Ensure adherence to established SOC policies and security best practices

Requirements

• 5+ years of experience in Security Operations, including incident management
• Proven ability to lead a SOC team, including scheduling and performance management
• Strong knowledge of threat detection tools, SIEM and ticketing systems
• Deep understanding of security fundamentals and SOC operations
• Excellent analytical and problem-solving skills
• Exceptional communication and coordination abilities
• Proven experience with enterprise-level incident response processes
• Familiarity with Microsoft Defender, Sentinel and common security stack components
• Working knowledge of Windows and Linux server environments, cloud platforms (Azure, AWS)

Nice to have

• Experience with process optimization and SOC maturity improvement initiatives
• Relevant security certifications (eg, CISSP, CISM, GIAC)
• Knowledge of automation and orchestration tools