Security Operations Manager in Crawley

The Security Operations Center (SOC) Manager is responsible for leading the day-to-day operations of the SOC, overseeing a team of security analysts engaged in continuous monitoring, alert triage, and incident response. The SOC Manager ensures the effective use of SIEM, EDR platforms and detection platforms, maintains operational readiness, and drives consistent execution of incident response procedures. The SOC Manager is expected to maintain availability outside of standard business hours to support escalations, critical incidents, and on-call coverage as required by SOC operations. The Manager will also be responsible for integrating AI-assisted detection capabilities and ensuring the team is prepared to identify and respond to AI-enabled threats.

Job Responsibilities/Accountabilities

• Manages daily SOC operations including shift scheduling, on-call rotation management, alert queue oversight, escalation management, and analyst performance.
• Maintains personal on-call availability to support after-hours escalations, critical security incidents, and operational continuity as required.
• Ensures adequate staffing and coverage across all SOC shifts, including nights, weekends, and holidays as operationally required.
• Owns and maintains security technology platforms, ensuring proper tuning, rule management, and integration with threat intelligence feeds.
• Develops, maintains, and enforces SOC runbooks, playbooks, and standard operating procedures for alert triage and incident response.
• Oversees the triage, containment, and escalation of security incidents in alignment with the Incident Response (IR) lifecycle.
• Monitors and reports on SOC performance metrics including MTTD (Mean Time to Detect), MTTR (Mean Time to Respond), alert volume, and SLA adherence.
• Evaluates, deploys, and governs AI/ML-based security tools including behavioral analytics, anomaly detection, and automated alert triage platforms.
• Monitors the evolving landscape of adversarial AI threats (e.g., AI-generated phishing, deepfakes, automated exploit generation) and adjusts SOC defensive posture accordingly.
• Develops policy and governance frameworks around the use of AI in SOC operations, including acceptable use, model risk, and auditability.
• Coordinates with IT, threat intelligence, and IR teams to ensure seamless escalation and handoff of confirmed incidents.
• Conducts regular reviews of threat intelligence to align SOC detection capabilities with current attack trends and TTPs.
• Supports light threat intelligence operations including IOC ingestion, threat feed management, and MITRE ATT&CK framework alignment.
• Recruits, develops, and retains SOC analyst talent; conducts regular performance reviews and provides ongoing coaching.
• Communicates SOC operational status, incident summaries, and risk posture to functional leadership and stakeholders.
• Ensures SOC operations align with applicable security policies, standards, and regulatory requirements.

Job Requirements/Capabilities

• Bachelor's degree + 2 years relevant work experience OR 6 years relevant work experience.
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.
• An understanding of organizational mission, values, and goals and consistent application of this knowledge.
• Ability to react to high pressure dynamic changing environments.
• Experience and understanding of the impact of emerging business and technologies have on information security requirements and architecture.
• Demonstrated technical experience in existing security and IT systems and an ability to keep pace with changing security and IT technologies.
• Strong interpersonal skills, with an emphasis on the ability to effectively influence others.
• Strong documentation and communication skills, an ability to draft clear, comprehensive reports and to translate complex technical findings into summaries for stakeholders and leadership.
• A team-focused mentality with the proven ability to work effectively with diverse stakeholders and leading information security employees to success.
• Acquire, manage, retain, and grow talented employees while possessing a high sense of urgency and personal integrity with the highest ethical standards and values with an innate drive to win.

Benefits

• Competitive salary and bonus scheme.
• Hybrid working.
• Rentokil Initial Reward Scheme.
• 23 days holiday, plus 8 bank holidays.
• Employee Assistance Programme.
• Death in service benefit.
• Healthcare.
• Free parking.

At Rentokil Initial, our customers and colleagues represent diverse backgrounds and experiences. We take pride in being an equal opportunity employer, actively encouraging applications from individuals from all walks of life. Our belief is that everyone irrespective of age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs, has the potential to thrive and contribute. We embrace the differences that make each of our colleagues unique, fostering an inclusive environment where everyone can be their authentic selves and feel a sense of belonging.