SOC Manager (Security Operations Center)

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change. By combining world‑class engineering, industry expertise and a people‑centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses. From prototype to real‑world impact - be part of a global shift by doing work that matters.

We are seeking an experienced SOC Manager to lead and support the day‑to‑day operations of a global 24/7 Security Operations Center within a managed security services environment. The role focuses on ensuring consistent, high‑quality security operations delivery across distributed teams in Europe and APAC operating within a follow‑the‑sun model. Working closely with SOC analysts, engineers, customers, and internal stakeholders, the SOC Manager will drive operational excellence, team development, customer engagement, and the ongoing evolution of SOC capabilities and services. The ideal candidate combines strong security operations experience with people leadership, stakeholder management, and the ability to operate effectively in fast‑paced, customer‑facing environments. Experience working with multi‑client SOC environments is highly beneficial.

Responsibilities

• Lead the day‑to‑day operations of a global 24/7 multi‑client SOC environment, ensuring high‑quality security monitoring, incident response, escalation management, and service delivery activities.
• Coordinate operational activities across distributed SOC teams in Europe and APAC within a follow‑the‑sun operating model, supporting operational alignment, service consistency, and effective collaboration across regions.
• Manage operational escalations and major security incidents, working closely with SOC analysts, engineers, and internal stakeholders.
• Contribute to the ongoing development and maturity of SOC processes, tooling, workflows, reporting capabilities, and operational practices.
• Collaborate with engineering, threat intelligence, and other security teams to support the continued evolution of detection and response capabilities across the SOC service.
• Own operational reporting, KPI tracking, and service metrics to support effective service delivery, operational governance, and customer engagement.
• Participate in and contribute to roadmap and capability planning discussions related to SOC services, operational maturity, and future capability development.
• Line‑manage SOC analysts and/or team leads, supporting recruitment, coaching, mentoring, performance management, and team development activities.
• Build strong working relationships with customers and internal stakeholders, participating in operational reviews, governance discussions, incident communications, and service‑related engagements.
• Support onboarding and transition activities for new managed security services customers.

Required

• Proven experience leading or managing a SOC or security operations function, including incident response, monitoring, and operational oversight.
• Strong understanding of core security operations concepts, including SIEM, SOAR, EDR/XDR, threat monitoring, vulnerability management, and security incident management.
• Experience with cloud security technologies and platforms (Azure, AWS, GCP).
• Experience managing operational processes, priorities, and service levels within a fast‑paced environment.
• Proven people management and leadership capability, including coaching, mentoring, and team development.
• Strong communication and stakeholder management skills, with the ability to engage effectively with both technical and non‑technical audiences.
• Experience driving operational improvements, process optimisation, or automation initiatives.
• Good understanding of security and governance principles, including exposure to frameworks such as ISO 27001, NIST, SOC2, and ITIL.
• Relevant cybersecurity or IT experience, supported by industry certifications or equivalent practical experience.

Nice to Have

• Experience managing a 24x7 MSSP or multi‑tenant SOC environment.
• Experience with SOAR, threat intelligence, or advanced detection engineering capabilities.
• Exposure to customer‑facing managed security services, including service reviews and commercial awareness.
• Higher‑level certifications such as CISSP, CISM, GIAC, SANS or cloud security certifications.
• Experience supporting audits, compliance activities, or regulated environments.
• Experience building or maturing SOC operating models and governance processes.

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package, share plan, company performance bonuses, value‑based recognition awards, referral bonus;
• Career Development: Career coaching, global career opportunities, non‑linear career paths, internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass‑it‑on sessions, workshops, conferences;
• Work‑Life Balance: Hybrid work and flexible working hours, employee assistance programme;
• Health: Global internal wellbeing programme, access to wellbeing apps;
• Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.

At Endava, we’re committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.