SOC Subject Matter Expert (UK) in Horsham

Detego Global is on the lookout for a SOC Subject Matter Expert to join our Product Management team. We are looking for a mid to senior SOC analyst with extensive operational experience who is ready to transition into a product-focused role. You will be the voice of the SOC development team, translating deep operational security experience into product requirements and strategic direction for advanced SOC command and control tools. You will work closely with product managers, engineers, UX designers, and customers to ensure our products solve real analyst challenges and improve SOC efficiency and effectiveness. This role will provide the right candidate with the opportunity to work on some extremely rewarding projects supporting the development of impactful security operations software while working with a friendly and supportive team. The role has a strong opportunity for growth and will play an integral role in helping shape the future of SOC products and security operations tools.

Reports to: Senior Product Manager

Place of Work: Hybrid Remote/Office in Horsham

Responsibilities and Duties

• Providing expert SOC operational guidance to product management and engineering teams throughout the product development lifecycle.
• Defining and documenting detailed system-level requirements for SOC analyst tools, ensuring alignment with real-world operational needs.
• Translating SOC analyst pain points, workflows, and use cases into actionable product features and user stories.
• Designing and validating alert prioritisation algorithms, incident triage workflows, and automated playbook logic based on operational experience.
• Collaborating with product managers to shape product strategy, roadmap priorities, and feature definitions.
• Conducting customer discovery sessions, interviews, and workshops with SOC teams to gather requirements and validate concepts.
• Creating realistic user personas, journey maps, and workflow diagrams that represent authentic SOC analyst experiences.
• Evaluating competitive SOC tools and industry trends to inform product differentiation and innovation opportunities.
• Participating in proof-of-concept development to validate new features addressing critical analyst decision-making challenges.
• Working with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns.
• Providing technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices.
• Supporting go-to-market activities by creating technical content, conducting product demonstrations, and engaging with prospective customers.
• Mentoring and educating internal teams on SOC operations, threat landscapes, and analyst workflows.
• Ensuring product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models.
• Act as a trusted SOC and cyber defence expert in customer meetings, workshops, and solution design sessions.
• Support pre-sales engagements by articulating operational value, use cases, and real-world applicability.
• Deliver product demonstrations and technical briefings tailored to SOC practitioners, security leaders, and decision-makers.
• Translate complex SOC workflows and technical concepts into clear, compelling narratives for customers and stakeholders.
• Support go-to-market activities through technical content creation, presentations, and customer engagement.

Skills and Experience

• Minimum 6 years of hands-on experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead.
• Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management.
• Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack.
• Strong knowledge of threat detection methodologies, alert correlation, and incident prioritisation frameworks.
• Expert-level understanding of MITRE ATT&CK framework and its practical application in SOC operations.
• Proven ability to identify operational inefficiencies and translate them into product improvement opportunities.
• Experience developing or optimising SOC playbooks, runbooks, and standard operating procedures.
• Excellent communication skills with ability to articulate complex security concepts to both technical and business audiences.
• Strong analytical and strategic thinking capabilities.
• Understanding of common attack patterns, threat actor TTPs, and the evolving threat landscape.
• Ability to balance ideal security outcomes with practical operational constraints and business realities.
• Strong problem-solving skills and willingness to roll up one’s sleeves to get the job done.
• Skilled at working effectively with cross-functional teams in a matrix organisation.
• 8+ years of progressive SOC experience including team leadership or senior analyst responsibilities.
• Experience in Tier 2 or Tier 3 SOC roles with incident response and threat hunting responsibilities.
• Previous involvement in SOC tool evaluation, selection, or implementation projects.
• Experience with security automation, SOAR platforms, or playbook development.
• Experience working with or partnering with SOC/SIEM/EDR vendors and MSSP (Managed Security Service Provider) vendors.
• Familiarity with product management principles, agile methodologies, or requirements gathering processes.
• Experience presenting to executive leadership or external stakeholders.
• Knowledge of multiple SIEM platforms (Splunk, QRadar, Sentinel, Chronicle, etc.) and their operational strengths/weaknesses.
• Understanding of SOC metrics, KPIs, and performance measurement frameworks.
• Security certifications (e.g., GCIH, GCIA, GCFA, CISSP, GMON) demonstrating advanced security operations expertise.
• Experience working in regulated industries or with compliance-driven security operations.
• Bachelor’s degree in cybersecurity, information technology, or related field.