At a Glance
- Tasks: Lead the Cyber Security team, enhancing detection and response strategies against evolving threats.
- Company: Join Mott MacDonald, a global consultancy committed to diversity and inclusion.
- Benefits: Enjoy competitive pay, private medical insurance, and flexible working options.
- Why this job: Make a real impact in cyber security while growing your career in a supportive environment.
- Qualifications: Proven leadership in SOC/SIEM management and strong communication skills required.
- Other info: Be part of a dynamic team with excellent career growth opportunities.
The predicted salary is between 48000 - 84000 £ per year.
This job is with Mott MacDonald, an inclusive employer and a member of myGwork - the largest global platform for the LGBTQ+ business community.
Location/s: Newcastle, UK
Mott MacDonald is a global engineering, management, and development consultancy with over 20,000 employees across more than 50 countries and 140+ offices. We work across incredible global industries, delivering exciting work that is defining our future and making an important societal impact in the communities we serve. Our people power our performance - we succeed when they do. With countless opportunities to collaborate, learn, and grow, the possibilities for excellence are as varied as every individual. Whether you want to grow as a subject matter expert or broaden your experience with roles across our international community, you're surrounded by global specialists who want to combine their expertise and champion you to be your best. As a proudly employee-owned business, we benefit our clients, our communities, and each other, investing in creating the right space for everyone to feel empowered, included, and valued. Whatever your ambition, Mott MacDonald is where people come to be brilliant.
Overview Of The Role
As the Cyber Security Manager for SOC & SIEM, you will lead the organisation's detection and response strategy, ensuring robust operational resilience against evolving threats. This senior role is accountable for enhancing SIEM capabilities and driving improvements across Vulnerability & Patch Management, Incident Response & Disaster Recovery, and Asset & Threat Discovery. You will manage a high-performing team of engineers, embed automation and best practices, and collaborate with IT, engineering, and risk teams to deliver measurable reductions in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR). You will influence strategic decisions, champion a security-first culture, and ensure detection and response are integrated into enterprise operations. We are committed to building a diverse, inclusive, and high-performing security function. In this role, you will nurture talent, foster innovation, and create an environment where people feel supported, empowered, and valued in their mission to protect the organisation.
Key Responsibilities
- Define and execute the SOC and SIEM strategy, aligning with organisational objectives, regulatory requirements, and risk appetite.
- Lead and develop a high-performing SOC and SIEM team, fostering accountability, innovation, and continuous improvement.
- Champion automation and advanced analytics to improve detection, correlation, and response speed.
- Maintain strong partnerships with IT operations, architecture, engineering, and risk teams to ensure integrated security operations and early threat detection.
- Oversee SIEM platform architecture, log ingestion, and correlation accuracy, ensuring robust detection engineering and alert tuning aligned to frameworks such as MITRE ATT&CK.
- Drive process optimisation, reducing false positives and improving triage efficiency.
- Establish and monitor KPIs for detection coverage and operational performance.
- Own vulnerability management strategy and patching governance across endpoints, servers, and cloud workloads, implementing automation to minimise exposure windows.
- Report remediation progress to leadership and ensure SLA compliance.
- Lead the development and maintenance of incident response and disaster recovery playbooks for critical attack scenarios.
- Direct tabletop exercises and simulations to validate readiness and improve response metrics.
- Act as escalation point during major incidents, ensuring rapid containment, root cause analysis, and recovery.
- Govern continuous asset discovery and threat hunting programmes, ensuring accurate inventory feeds into CMDB and SIEM for correlation and reporting.
- Drive proactive threat identification and risk reduction initiatives.
- Own SOC governance reporting and ensure audit readiness for Cyber Essentials, ISO 27001, and regulatory frameworks.
- Maintain risk register entries related to detection and response.
- Develop and enforce security policies, standards, and operational procedures.
- Act as the primary point of contact for SOC and SIEM matters with senior leaders and cross-functional teams, providing clear, actionable insights and recommendations.
Personal Attributes
- Proactive & Innovative: Continuously seeks improvements in detection and response capabilities, adopting emerging best practices.
- Strategic Leader: Translates complex operational challenges into actionable strategies aligned with business goals.
- Leadership Presence: Inspires confidence, motivates teams, and drives accountability.
- Decisive Under Pressure: Maintains composure and makes sound decisions during critical incidents.
- Excellent Communicator: Engages technical and non-technical stakeholders effectively, simplifying complex concepts.
- Integrity & Professionalism: Demonstrates ethical leadership and commitment to safeguarding organisational assets.
Key Performance Indicators
- Reduction in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) across SOC operations.
- SLA compliance for vulnerability remediation and patch deployment.
- Successful completion of incident response and disaster recovery exercises, with improvement in readiness scores.
- Accuracy of asset inventory and threat discovery coverage.
- Audit success and quality of governance reporting.
Candidate specification
Essential
- Proven leadership experience in SOC and SIEM management, with experience managing teams and driving strategic initiatives.
- Strong knowledge of detection engineering, vulnerability management, and incident response/disaster recovery frameworks.
- Excellent stakeholder engagement and communication skills, capable of influencing at all levels and translating technical concepts into business language.
- Ability to manage complex programmes and competing priorities, delivering measurable outcomes within agreed timelines.
- Demonstrated experience in governance, compliance, and regulatory frameworks (e.g., ISO 27001, NIST, GDPR).
- Proficiency in developing and implementing security policies, standards, and operational procedures.
- Strong analytical and problem-solving skills, with the ability to make data-driven decisions under pressure.
Desirable
- Professional certifications such as CISSP, CISM, CCSP, or equivalent experience.
- Hands-on experience with SIEM platforms, vulnerability scanners, and EDR/XDR solutions.
- Familiarity with frameworks such as MITRE ATT&CK, ISO 27001, NIST CSF.
- Experience in leading cyber resilience programmes, including threat hunting, vulnerability assessments, and incident simulations.
- Understanding of automation and orchestration in security operations (SOAR platforms).
Please be advised that offers for this role are conditional upon obtaining the appropriate level of Security Clearance.
Agile working
At Mott MacDonald, we believe it makes business sense for you and your manager to choose how you can work most effectively to meet your client, team, and personal commitments. We offer a hybrid working policy that embraces your well-being, flexibility, and trust.
Equality, diversity, and inclusion
We put equality, diversity, and inclusion at the heart of our business, seeking to promote fair employment procedures and practices to ensure equal opportunities for all. We encourage individual expression in our workplace and are committed to creating an inclusive environment where everyone feels they can contribute.
Accessibility
We want you to perform your best at every stage in the recruitment process. If you are disabled or need any support to enable you to apply or attend an interview, please contact us at reasonable.adjustments@mottmac.com and we will talk to you about how we can support you.
We Offer Some Fantastic Benefits Including
Health and wellbeing
- Private medical insurance for all UK colleagues.
- Health cash plan to support you with everyday health costs and treatments.
- Access to Peppy, providing free support from menopause experts for all UK colleagues.
- A variety of wellbeing support is available through our comprehensive wellbeing program, including access for you and your family.
- Ability to flex your salary to opt into a wide range of health benefits, many of which can be extended to your family too.
Financial wellbeing
- We match employee pension contributions between 4.5% and 7%.
- Life assurance equal to up to 4 x your basic salary, with an option to increase the level of cover to 6 x your salary.
- Our income protection scheme provides a financial benefit, as well as absence and return to work support due to long-term illness or injury.
- Flexible benefits, including increased life assurance cover, critical illness insurance, payroll saving and will writing.
- As an independently owned business we share the financial success of the business with all our colleagues in various ways including annual bonus schemes.
Lifestyle
- A minimum of 33-35 days holiday each year, inclusive of public holidays and dependent on level, with the ability to buy or sell leave through our flexible benefits programme.
- Holiday entitlement increased to a minimum of 35 days after 5 years' service.
- Variety of employee saving schemes and discounts from high-street retailers.
Enhanced family and carers leave
- Enhanced family leave policies, including 26 weeks paid maternity and adoption leave, and two weeks paid paternity/partner leave.
- Our shared parental leave matches maternity leave meaning we pay up to 24 weeks at full pay.
- Up to five additional days leave are provided for those with significant caring responsibilities, two of which are paid.
Learning and development
- Primary annual professional institution subscription.
- A broad range of opportunities to enhance both technical and soft skills through mentoring, formal training, and self-development options.
Networks, communities, and social outcomes
Join a wide range of groups including our Advanced Employee Networks which support our LGBTQ+, gender, race and ethnicity, disability, and parents/carers communities. Make a difference within our communities through our social outcomes.
Apply now, or for more information about our application process, click here.
IT Manager - SOC and SIEM in Newcastle upon Tyne employer: myGwork - LGBTQ+ Business Community
Contact Detail:
myGwork - LGBTQ+ Business Community Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Manager - SOC and SIEM in Newcastle upon Tyne
✨ Tip Number 1
Network like a pro! Reach out to folks in your industry on LinkedIn or at local meetups. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨ Tip Number 2
Prepare for interviews by researching Mott MacDonald and their projects. Show them you're not just another candidate; you're genuinely interested in their work and how you can contribute to their mission.
✨ Tip Number 3
Practice your responses to common interview questions, especially those related to SOC and SIEM management. Be ready to share specific examples of how you've tackled challenges in the past.
✨ Tip Number 4
Don't forget to apply through our website! It's the best way to ensure your application gets seen by the right people. Plus, it shows you're serious about joining the team.
We think you need these skills to ace IT Manager - SOC and SIEM in Newcastle upon Tyne
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the IT Manager role. Highlight your experience in SOC and SIEM management, and don't forget to showcase your leadership skills. We want to see how you can drive strategic initiatives!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for Mott MacDonald. Share your passion for cyber security and how you can contribute to our mission of making a societal impact.
Showcase Your Achievements: When detailing your experience, focus on measurable outcomes. Talk about how you've reduced MTTD and MTTR in previous roles. We love numbers that tell a story about your success!
Apply Through Our Website: Don't forget to apply through our website! It's the best way to ensure your application gets seen by the right people. Plus, it shows us you're serious about joining our team at Mott MacDonald.
How to prepare for a job interview at myGwork - LGBTQ+ Business Community
✨ Know Your Stuff
Make sure you brush up on your knowledge of SOC and SIEM frameworks, especially MITRE ATT&CK. Be ready to discuss how you've applied these in past roles, as well as any relevant certifications like CISSP or CISM.
✨ Showcase Your Leadership Skills
Prepare examples that highlight your experience in leading teams and driving strategic initiatives. Mott MacDonald values proactive leaders, so think about times when you've inspired your team or implemented innovative solutions.
✨ Communicate Clearly
Practice explaining complex technical concepts in simple terms. You'll need to engage with both technical and non-technical stakeholders, so being able to translate jargon into business language is key.
✨ Ask Insightful Questions
Prepare thoughtful questions about Mott MacDonald's approach to cyber resilience and their vision for the SOC and SIEM strategy. This shows your genuine interest in the role and helps you assess if the company aligns with your values.