SOC Manager, London £80k - £85k

Posted 3 hours 16 minutes ago by Uniting People

£80,000 - £85,000 Annual
Permanent
Not Specified
I.T. & Communications Jobs
London, United Kingdom
Job Description

Job Summary

We are seeking a competent Onsite SOC Lead/SOC Manager to operate from the client's premises in London and serve as the Single Point of Contact (SPOC) between the customer and the offshore Mphasis Next-Gen Cyber Fusion Center (Bangalore SOC Team).

This individual will play a critical role as the bridge between client stakeholders and the offshore operations, ensuring seamless communication, transparency, and alignment of SOC deliverables.

The SOC Lead/Manager will oversee daily BAU SOC functions, drive threat detection and response improvements, provide governance, and ensure the timely delivery of all operational and strategic security services. This position requires strong technical expertise in SIEM/SOAR/EDR technologies (primarily LogRhythm, but exposure to all leading SIEM platforms is essential), robust incident management skills, and exceptional stakeholder communication capabilities.

Key Responsibilities

On-site Customer Interface & SPOC Responsibilities

  • Act as the primary onsite representative of the SOC and the single point of contact for all cybersecurity operational matters.
  • Ensure all communication to and from the customer is routed, validated, and tracked efficiently with the offshore SOC team.
  • Manage expectations, clarify priorities, and ensure consistent delivery of SOC services as per SLAs and contractual obligations.
  • Conduct regular onsite engagements with customer stakeholders, including service reviews, governance meetings, and ad-hoc consultations.
  • Coordinate offshore teams regarding alerts, incidents, reporting, change requests, and enhancement requirements.
  • Provide real-time visibility to the customer on incident status, ongoing investigations, and risk posture.

SOC Leadership & Operations Management

  • Oversee and guide the offshore SOC analysts (L1, L2, L3, Threat Hunters) to ensure efficient 24×7 operations.
  • Define, maintain, and enforce SOC operational procedures, response processes, and escalation workflows.
  • Monitor SOC performance, quality of investigations, and ensure adherence to SLAs.
  • Coordinate shift-wise activities, staffing coverage, operational handovers, and performance reviews with SOC management.
  • Drive SOC efficiency enhancements and mature SOC operations from reactive response to proactive threat hunting.

Required Skills & Qualifications

  • Bachelor's/Master's degree in Cybersecurity, Computer Science, or Information Security.
  • 10-14 years of experience in cybersecurity operations with 3-5 years in SOC leadership or managerial roles.
  • Strong technical expertise with hands-on knowledge of:
    • SIEM: LogRhythm (primary), Splunk, Sentinel, Securonix, XSIAM
    • SOAR: Splunk SOAR, XSOAR, Securonix SOAR
    • EDR/XDR: CrowdStrike Falcon, MS Defender, SentinelOne
    • Cloud Security: Azure, AWS, GCP detection and response
  • Deep understanding of:
    • Incident Response frameworks (NIST 800-61, SANS IR)
    • SOC operating models, MITRE ATT&CK, NIST CSF, ISO 27001
    • Threat intelligence, network forensics, UEBA, DLP solutions
  • Proven experience working with global teams, preferably in managed SOC or MSSP environments.
  • Excellent communication, stakeholder management, and customer-handling skills.
  • Strong analytical ability to translate technical incidents into business-relevant insights.