SOC Manager/ Lead

Full-Time £60,000 - £84,000 / year (est.) No home office possible
Dns Info Ltd

At a Glance

  • Tasks: Lead cybersecurity operations and ensure seamless communication between clients and offshore teams.
  • Company: Join a leading cybersecurity firm in London with a focus on innovation.
  • Benefits: Competitive salary, professional development, and opportunities for career growth.
  • Why this job: Be at the forefront of cyber defence and make a real impact in security operations.
  • Qualifications: 10-14 years in cybersecurity with strong leadership and technical skills.
  • Other info: Dynamic work environment with a focus on continuous improvement and innovation.

The predicted salary is between £60,000 and £84,000 per year.

We are seeking a competent Onsite SOC Lead / SOC Manager to operate from the client’s premises in London and serve as the Single Point of Contact (SPOC) between the customer and the offshore Mphasis Next-Gen Cyber Fusion Center (Bangalore SOC Team). This individual will play a critical role as the bridge between client stakeholders and the offshore operations, ensuring seamless communication, transparency, and alignment of SOC deliverables. The SOC Lead/Manager will oversee daily BAU SOC functions, drive threat detection and response improvements, provide governance, and ensure the timely delivery of all operational and strategic security services. This position requires strong technical expertise in SIEM/SOAR/EDR technologies (primarily LogRhythm, but exposure to all leading SIEM platforms is essential), robust incident management skills, and exceptional stakeholder communication capabilities.

Key Responsibilities

  • On-site Customer Interface & SPOC Responsibilities
    • Act as the primary onsite representative of the SOC and the single point of contact for all cybersecurity operational matters.
    • Ensure all communication to and from the customer is routed, validated, and tracked efficiently with the offshore SOC team.
    • Manage expectations, clarify priorities, and ensure consistent delivery of SOC services as per SLAs and contractual obligations.
    • Conduct regular onsite engagements with customer stakeholders, including service reviews, governance meetings, and ad-hoc consultations.
    • Coordinate offshore teams regarding alerts, incidents, reporting, change requests, and enhancement requirements.
    • Provide real-time visibility to the customer on incident status, ongoing investigations, and risk posture.
  • SOC Leadership & Operations Management
    • Oversee and guide the offshore SOC analysts (L1, L2, L3, Threat Hunters) to ensure efficient 24×7 operations.
    • Define, maintain, and enforce SOC operational procedures, response processes, and escalation workflows.
    • Monitor SOC performance, quality of investigations, and ensure adherence to SLAs.
    • Coordinate shift-wise activities, staffing coverage, operational handovers, and performance reviews with SOC management.
    • Drive SOC efficiency enhancements and mature SOC operations from reactive response to proactive threat hunting.
  • Incident Management & Crisis Response
    • Serve as the Incident Commander for critical/high‑severity incidents impacting the client.
    • Lead cross‑functional coordination including IT, Network, Cloud, and business units, during major security events.
    • Review incident reports, RCA documents, and ensure lessons learned are implemented across the SOC.
    • Periodically refine IR playbooks and ensure alignment with global frameworks like NIST 800‑61 and ISO standards.
  • Security Technology Oversight
    • Provide advisory and operational oversight for SIEM (LogRhythm primarily), SOAR, EDR, and XDR tools.
    • Work closely with detection engineers to enhance use cases, correlation rules, and detection logic mapped to MITRE ATT&CK.
    • Liaise with customer infrastructure/engineering teams for log onboarding, tool optimization, and integration enhancements.
    • Evaluate and recommend enhancements across SOC tooling, dashboards, and automation workflows.
    • Drive proactive security initiatives including threat hunting, behaviour analytics reviews, and continuous tuning of alert logic.
    • Ensure ingestion and effective use of global, contextual, and sector‑specific threat intelligence feeds.
    • Support execution of red/blue/purple team activities to validate SOC readiness and improve detection quality.
  • Governance, Metrics & Reporting
    • Prepare and present operational dashboards, SOC performance reports, and executive summaries.
    • Track KPIs/KRIs such as MTTD, MTTR, SLA adherence, volume trends, and false positive rates.
    • Ensure compliance with audit, regulatory (GDPR, ISO 27001), and internal policy requirements.
    • Maintain documentation, SOPs, process maps, and incident workflows.
    • Mentor analysts (onsite and offshore) to enhance their skillsets, investigative mindset, and operational maturity.
    • Promote continuous improvement, innovation, and automation within the SOC.
    • Lead SOC maturity assessments and ensure execution of roadmap initiatives aligned with NIST CSF / Gartner models.

Required Skills & Qualifications

  • Bachelor’s/Master’s degree in Cybersecurity, Computer Science, or Information Security.
  • 10–14 years of experience in cybersecurity operations with 3–5 years in SOC leadership or managerial roles.
  • Strong technical expertise with hands‑on knowledge of:
    • SOAR: Splunk SOAR, XSOAR, Securonix SOAR
    • Cloud Security: Azure, AWS, GCP detection and response
  • Deep understanding of:
  • Proven experience working with global teams, preferably in managed SOC or MSSP environments.
  • Excellent communication, stakeholder management, and customer‑handling skills.
  • Strong analytical ability to translate technical incidents into business‑relevant insights.

Preferred Certifications

  • CISSP / CISM
  • GIAC Certifications (GCIH / GCIA / GCFA / GCTI / GMON)
  • CEH or CompTIA CySA+ (as secondary options)
  • LogRhythm Analyst/Administrator Certification (primary tool)
  • Azure Security (AZ-500 / SC-200)

Key Performance Indicators (KPIs)

  • SOC uptime, SLA compliance, and operational stability.
  • Reduction in MTTD and MTTR.
  • Accuracy and quality of incident investigations.
  • Decrease in false positives and overall alert fatigue.
  • SOC maturity growth over time.
  • Successful customer audits and compliance scores.
  • Client satisfaction and feedback scores.
  • Effective collaboration and alignment between onsite and offshore teams.

Summary

The Onsite SOC Lead / Manager is a critical strategic and operational role, responsible for ensuring that the client receives industry‑leading security monitoring and incident response services. As the face of the SOC onsite, this individual must combine strong technical expertise, leadership, communication, and customer management skills to ensure seamless and proactive cyber defence operations.

SOC Manager/ Lead employer: Dns Info Ltd

At Mphasis, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration. As the Onsite SOC Lead/Manager in London, you will benefit from our commitment to employee growth through continuous training and mentorship, while enjoying the unique advantage of working directly with clients to enhance their cybersecurity posture. Join us to be part of a forward-thinking team that values your expertise and empowers you to make a meaningful impact in the field of cybersecurity.

Contact Detail:

Dns Info Ltd Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land SOC Manager/ Lead

✨Tip Number 1

Network like a pro! Attend industry events, meetups, and conferences related to cybersecurity. This is your chance to connect with potential employers and showcase your expertise in person.

✨Tip Number 2

Don’t underestimate the power of LinkedIn! Make sure your profile is up-to-date and reflects your skills as a SOC Manager. Engage with posts, share insights, and connect with people in the industry to increase your visibility.

✨Tip Number 3

Practice your interview skills! Prepare for common SOC-related questions and scenarios. Mock interviews with friends or mentors can help you articulate your experience and demonstrate your problem-solving abilities.

✨Tip Number 4

Apply through our website! We’ve got loads of opportunities waiting for you. Tailor your application to highlight your leadership and technical skills, and don’t forget to follow up after applying to show your enthusiasm!

We think you need these skills to ace SOC Manager/ Lead

SIEM technologies
SOAR technologies
EDR technologies
Incident Management
Stakeholder Communication
Cybersecurity Operations
Threat Detection
Governance and Compliance
Analytical Skills
Cloud Security (Azure, AWS, GCP)
Team Leadership
Operational Procedures Development
Risk Management
Performance Metrics Tracking
Continuous Improvement

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the SOC Manager role. Highlight your experience with SIEM/SOAR/EDR technologies and any leadership roles you've held. We want to see how your skills align with what we're looking for!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for the SOC Lead position. Share specific examples of your past experiences that demonstrate your ability to manage teams and handle incidents effectively.

Showcase Your Communication Skills: Since this role involves being the SPOC between clients and offshore teams, it's crucial to showcase your communication skills. In your application, mention instances where you've successfully managed stakeholder expectations or facilitated clear communication in high-pressure situations.

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re proactive and keen on joining our team!

How to prepare for a job interview at Dns Info Ltd

✨Know Your Tech Inside Out

Make sure you brush up on your knowledge of SIEM, SOAR, and EDR technologies, especially LogRhythm. Be ready to discuss how you've used these tools in past roles and how they can be leveraged for effective threat detection and response.

✨Master the Art of Communication

As a SOC Lead, you'll need to communicate effectively with both technical teams and stakeholders. Prepare examples of how you've successfully managed expectations and clarified priorities in previous roles. This will show your ability to act as the Single Point of Contact.

✨Showcase Your Leadership Skills

Be prepared to discuss your experience in leading teams, especially in a 24/7 operational environment. Highlight specific instances where you've guided analysts or improved SOC operations, demonstrating your capability to oversee and mentor others.

✨Prepare for Incident Management Scenarios

Expect questions about your approach to incident management and crisis response. Think of real-life examples where you acted as an Incident Commander and how you coordinated with various teams during high-severity incidents. This will showcase your readiness for the role.
