Senior SOC Manager – Managed Cyber Defence

About the role We are seeking a Senior Manager to lead the day‑to‑day technical delivery of our Managed Cyber Defence services. This role has direct responsibility for Analysis and Engineering teams, ensuring the effective running, stability, and continuous improvement of a 24/7 client facing cyber defence capability. The role will focus on the operational delivery of services across a range of security platforms, including Microsoft Defender/Sentinel, Palo Alto Networks Cortex XDR/XSIAM, Google SecOps & CrowdStrike Falcon.

You will play a key role in ensuring services are efficient, resilient, and continuously improving – working closely with internal teams to evolve detection, response, and automation capabilities. What your days will look like Lead day‑to‑day operations across Analysis and Engineering teams delivering Managed Cyber Defence services. Ensure service stability, performance, and quality across client environments, acting as a senior escalation point for incidents and technical issues.

Manage prioritisation and workload across teams, including leadership of complex client incidents and investigations. Own and optimise the security technology stack (primarily Microsoft Sentinel and Defender), driving effective use of AI and automation in the SOC. Identify opportunities to improve efficiency through automation and work closely with automation teams to evolve capabilities.

Oversee operational reporting and support ongoing client interactions related to service delivery and performance. Provide technical leadership, maintain awareness of relevant security technologies, and drive continuous improvements in detection, response, and key SOC metrics (MTTD, MTTR, automation coverage). The role is for you if You have experience of embedding AI tooling within a SOC environment.

Experience with Microsoft Sentinel and Defender and strong knowledge of KQL. Experience in SOC, XDR, or managed security environments. Familiarity with Palo Alto, CrowdStrike, or Google tools is beneficial.

Security operations, incident response, detection engineering. Cloud (Azure preferred), automation concepts. Experience leading technical teams in live service environments.

Desirable: SC‑200 and/or GIAC certifications. What you’ll receive from us No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions. We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more. #J-18808-Ljbffr