SOC Technical Lead

Role Overview

We are seeking an experienced and hands-on SOC Operations Technical Lead to lead a team of SOC Analysts operating in a 24/7/365 environment.

This is a senior, technically focused leadership role within our Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio.

While you will lead and mentor a team, this is not a purely managerial role. You will remain deeply involved in technical delivery, acting as an escalation point, leading complex investigations, and continuously improving SOC capabilities.

Key Responsibilities

Team Leadership & SOC Operations

Lead day-to-day SOC operations across all shifts, ensuring consistent 24/7 coverage

Manage shift schedules, handovers, and on-call rotations

Act as the primary escalation point for security incidents and analyst queries

Ensure high-quality triage, investigation, and response aligned to SOC processes

Drive team development through training, coaching, and technical mentoring

Ensure accurate and timely case management (HALO) and delivery against SLAs

Technical Leadership & Continuous Improvement

Provide expert guidance on threat detection, incident response, and threat hunting

Lead escalations for complex or high-severity incidents across client environments

Develop and optimise detection rules, playbooks, and automation

Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes

Design and maintain advanced detection use cases and correlation logic

Client Engagement & Consulting

Act as a trusted advisor to clients, supporting security reviews and incident analysis

Translate technical findings into clear, actionable recommendations

Support continuous improvement of client security posture

Collaboration

Work closely with Threat Intelligence, Engineering, and Incident Response teams

Enhance detection capability through intelligence sharing and tool optimisation

Align processes to strengthen overall security operations effectiveness

Strategic Contribution

Identify opportunities to enhance MSSP services and capabilities

Monitor emerging threats, technologies, and industry trends

Ensure compliance with regulatory standards and internal frameworks

Skills & Experience

Essential

7+ years in Security Operations, including 3-4 years in a senior/lead SOC role

Strong hands-on experience with:

SIEM (e.g. Microsoft Sentinel, CrowdStrike)

EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black)

SOAR and threat intelligence platforms

Proven expertise in threat hunting and incident response

Experience developing and tuning detection rules in multi-tenant environments

Strong automation skills to improve SOC efficiency

Excellent client-facing and communication skills

Desirable

Certifications such as CISSP, GIAC (GCIH, GCIA, GREM), SC-200 or SC-300

Experience in cloud security operations

Background in MSSP or consulting environments

Familiarity with frameworks such as NIST, ISO27001, or ITIL

Key Competencies

Strong technical depth with the ability to simplify complex concepts

Excellent analytical and problem-solving skills under pressure

Confident communicator with strong stakeholder engagement skills

Collaborative leadership style with a focus on mentoring and development

Ability to manage multiple priorities in a fast-paced SOC environment