SOC Technical Lead
CV-LibraryNationwidepermanentPosted: 27 April 2026
Apply NowRole Overview
We are seeking an experienced and hands-on SOC Operations Technical Lead to lead a team of SOC Analysts operating in a 24/7/365 environment.
This is a senior, technically focused leadership role within our Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio.
While you will lead and mentor a team, this is not a purely managerial role. You will remain deeply involved in technical delivery, acting as an escalation point, leading complex investigations, and continuously improving SOC capabilities.
Key Responsibilities
Team Leadership & SOC Operations
Lead day-to-day SOC operations across all shifts, ensuring consistent 24/7 coverage
Manage shift schedules, handovers, and on-call rotations
Act as the primary escalation point for security incidents and analyst queries
Ensure high-quality triage, investigation, and response aligned to SOC processes
Drive team development through training, coaching, and technical mentoring
Ensure accurate and timely case management (HALO) and delivery against SLAs
Technical Leadership & Continuous Improvement
Provide expert guidance on threat detection, incident response, and threat hunting
Lead escalations for complex or high-severity incidents across client environments
Develop and optimise detection rules, playbooks, and automation
Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes
Design and maintain advanced detection use cases and correlation logic
Client Engagement & Consulting
Act as a trusted advisor to clients, supporting security reviews and incident analysis
Translate technical findings into clear, actionable recommendations
Support continuous improvement of client security posture
Collaboration
Work closely with Threat Intelligence, Engineering, and Incident Response teams
Enhance detection capability through intelligence sharing and tool optimisation
Align processes to strengthen overall security operations effectiveness
Strategic Contribution
Identify opportunities to enhance MSSP services and capabilities
Monitor emerging threats, technologies, and industry trends
Ensure compliance with regulatory standards and internal frameworks
Skills & Experience
Essential
7+ years in Security Operations, including 3-4 years in a senior/lead SOC role
Strong hands-on experience with:
SIEM (e.g. Microsoft Sentinel, CrowdStrike)
EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black)
SOAR and threat intelligence platforms
Proven expertise in threat hunting and incident response
Experience developing and tuning detection rules in multi-tenant environments
Strong automation skills to improve SOC efficiency
Excellent client-facing and communication skills
Desirable
Certifications such as CISSP, GIAC (GCIH, GCIA, GREM), SC-200 or SC-300
Experience in cloud security operations
Background in MSSP or consulting environments
Familiarity with frameworks such as NIST, ISO27001, or ITIL
Key Competencies
Strong technical depth with the ability to simplify complex concepts
Excellent analytical and problem-solving skills under pressure
Confident communicator with strong stakeholder engagement skills
Collaborative leadership style with a focus on mentoring and development
Ability to manage multiple priorities in a fast-paced SOC environment
We are seeking an experienced and hands-on SOC Operations Technical Lead to lead a team of SOC Analysts operating in a 24/7/365 environment.
This is a senior, technically focused leadership role within our Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio.
While you will lead and mentor a team, this is not a purely managerial role. You will remain deeply involved in technical delivery, acting as an escalation point, leading complex investigations, and continuously improving SOC capabilities.
Key Responsibilities
Team Leadership & SOC Operations
Lead day-to-day SOC operations across all shifts, ensuring consistent 24/7 coverage
Manage shift schedules, handovers, and on-call rotations
Act as the primary escalation point for security incidents and analyst queries
Ensure high-quality triage, investigation, and response aligned to SOC processes
Drive team development through training, coaching, and technical mentoring
Ensure accurate and timely case management (HALO) and delivery against SLAs
Technical Leadership & Continuous Improvement
Provide expert guidance on threat detection, incident response, and threat hunting
Lead escalations for complex or high-severity incidents across client environments
Develop and optimise detection rules, playbooks, and automation
Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes
Design and maintain advanced detection use cases and correlation logic
Client Engagement & Consulting
Act as a trusted advisor to clients, supporting security reviews and incident analysis
Translate technical findings into clear, actionable recommendations
Support continuous improvement of client security posture
Collaboration
Work closely with Threat Intelligence, Engineering, and Incident Response teams
Enhance detection capability through intelligence sharing and tool optimisation
Align processes to strengthen overall security operations effectiveness
Strategic Contribution
Identify opportunities to enhance MSSP services and capabilities
Monitor emerging threats, technologies, and industry trends
Ensure compliance with regulatory standards and internal frameworks
Skills & Experience
Essential
7+ years in Security Operations, including 3-4 years in a senior/lead SOC role
Strong hands-on experience with:
SIEM (e.g. Microsoft Sentinel, CrowdStrike)
EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black)
SOAR and threat intelligence platforms
Proven expertise in threat hunting and incident response
Experience developing and tuning detection rules in multi-tenant environments
Strong automation skills to improve SOC efficiency
Excellent client-facing and communication skills
Desirable
Certifications such as CISSP, GIAC (GCIH, GCIA, GREM), SC-200 or SC-300
Experience in cloud security operations
Background in MSSP or consulting environments
Familiarity with frameworks such as NIST, ISO27001, or ITIL
Key Competencies
Strong technical depth with the ability to simplify complex concepts
Excellent analytical and problem-solving skills under pressure
Confident communicator with strong stakeholder engagement skills
Collaborative leadership style with a focus on mentoring and development
Ability to manage multiple priorities in a fast-paced SOC environment