SOC Manager in Watford

An exciting opportunity has arisen for an accomplished SOC Incident Response & Threat Hunting Manager to lead a high-performing team within a dynamic and evolving Security Operations Centre (SOC) environment. This critical role is ideal for a technically proficient cybersecurity professional with a passion for proactive defence, threat intelligence, and strategic leadership.

The successful candidate will oversee a team of Tier 3 Security and Incident Response Analysts, driving advanced incident response, digital forensics, and threat hunting operations across a diverse customer base. Acting as a technical authority, the role will play a pivotal part in enhancing cyber resilience, refining detection capabilities, and leading complex investigations from detection through to remediation and review.

• Lead, mentor and develop a team of senior SOC analysts, ensuring the delivery of effective and efficient incident response and threat hunting operations.
• Oversee and coordinate high-severity incident response engagements, acting as incident lead when required, and guiding cross-functional teams through time-critical decision-making.
• Provide expert oversight on complex security incidents, ensuring technical accuracy, rapid containment, and detailed documentation throughout.
• Drive the ongoing development and maturity of the Cyber Threat Intelligence (CTI) capability, ensuring intelligence is actionable, relevant and embedded within SOC operations.
• Collaborate closely with Detection Engineering and CTI teams to transform intelligence insights into meaningful threat hunting hypotheses and use cases.
• Design and lead advanced threat hunting exercises, leveraging deep knowledge of adversary tactics, techniques, and procedures (TTPs) to detect and mitigate evolving threats.
• Deliver comprehensive incident reports and recommendations to stakeholders, maintaining transparency and continuous improvement.
• Develop and deliver in-house training and simulation programmes, including tabletop exercises and forensic analysis challenges, to continually upskill SOC teams.
• Participate in the on-call rotation to provide expert support during critical incidents.

• Proven experience in leading incident response and threat hunting functions within a SOC or similar cyber operations environment.
• Strong technical expertise in digital forensics and incident response (DFIR), with a deep understanding of security event analysis, malware investigation, and forensic methodologies.
• Demonstrated ability to manage high-pressure incidents and coordinate across multiple stakeholders.
• Strong communication and leadership skills, with the ability to explain complex technical findings to both technical and non-technical audiences.
• Analytical and detail-oriented approach, capable of identifying patterns and anomalies in large data sets.
• Agile mindset with a focus on continuous improvement, process enhancement, and knowledge sharing across teams.
• Comfortable working in a fast-paced environment, adaptable to new technologies, tools, and evolving threats.

• Analytical thinking: Expert at identifying, analysing and mitigating complex threats.
• Collaboration: Works effectively across technical and operational teams to deliver swift resolutions.
• Adaptability: Quick to learn new systems, processes and technologies.
• Decision-making: Capable of prioritising and acting decisively under pressure.
• Continuous improvement: Committed to advancing team skills, refining processes and strengthening overall cyber defence.

This is a rare opportunity to take a leading role in shaping the future of SOC operations, driving proactive threat detection and response, and influencing cybersecurity strategy at an enterprise level. The position offers autonomy, professional growth, and the chance to make a measurable impact in defending against sophisticated and evolving cyber threats.