Barclay Simpson Recruitment

SOC Manager required for innovative MSP. You will lead the strategic direction, performance, and day-to-day operations of their Security Operations Centre (SOC). As a central figure in security services, you'll ensure the efficient detection, analysis, and response to cyber threats across a diverse client portfolio. This leadership role involves mentoring your team, enhancing our security processes, and driving ongoing improvements in threat detection and incident response capabilities. Key Responsibilities Team Leadership & Development Lead and mentor a team of SOC analysts, fostering a collaborative, high-performing environment. Manage team scheduling, conduct performance reviews, and support professional growth and development. SOC Operations Oversight Supervise 24/7/365 monitoring of client environments, ensuring consistent adherence to SLAs for threat detection and incident response. Drive operational efficiency and ensure timely escalation and resolution of security incidents. Incident Response Management Serve as the main escalation point for significant security incidents. Coordinate response efforts and ensure clear communication with both internal teams and external clients. Process & Workflow Optimization Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness. Technology Oversight Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements. Reporting & Analytics Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports and insights to senior leadership and clients on security trends and incident management. Client Relationship Management Act as a trusted advisor to clients, contributing to service reviews and providing expert security guidance. Required Experience & Skills Proven experience working in a Security Operations Centre (SOC) or related cybersecurity environment. Industry-recognised certifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical qualifications. Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring and writing queries (eg, SQL, KQL). Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments. Excellent communication skills, both verbal and written, with the ability to translate technical information for non-technical audiences. Previous experience in an incident response role and a solid understanding of IR processes. Demonstrated experience leading or managing a security-focused team. Understanding of key security frameworks and standards, such as ISO 27001, NIST, and Crest.