Security Operations Manager

About the role

Job Purpose/Overview The Security Operations Center (SOC) Manager is responsible for leading the day-to-day operations of the SOC, overseeing a team of security analysts engaged in continuous monitoring, alert triage, and incident response. The SOC Manager ensures the effective use of SIEM, EDR platforms and detection platforms, maintains operational readiness, and drives consistent execution of incident response procedures. The SOC Manager is expected to maintain availability outside of standard business hours to support escalations, critical incidents, and on-call coverage as required by SOC operations. The Manager will also be responsible for integrating AI-assisted detection capabilities and ensuring the team is prepared to identify and respond to AI-enabled threats. Job Purpose/Overview The Security Operations Center (SOC) Manager is responsible for leading the day-to-day operations of the SOC, overseeing a team of security analysts engaged in continuous monitoring, alert triage, and incident response. The SOC Manager ensures the effective use of SIEM, EDR platforms and detection platforms, maintains operational readiness, and drives consistent execution of incident response procedures. The SOC Manager is expected to maintain availability outside of standard business hours to support escalations, critical incidents, and on-call coverage as required by SOC operations. The Manager will also be responsible for integrating AI-assisted detection capabilities and ensuring the team is prepared to identify and respond to AI-enabled threats. Job Responsibilities/ Accountabilities Manages daily SOC operations including shift scheduling, on-call rotation management, alert queue oversight, escalation management, and analyst performance Maintains personal on-call availability to support after-hours escalations, critical security incidents, and operational continuity as required Ensures adequate staffing and coverage across all SOC shifts, including nights, weekends, and holidays as operationally required Owns and maintains security technology platforms platforms, ensuring proper tuning, rule management, and integration with threat intelligence feeds Develops, maintains, and enforces SOC runbooks, playbooks, and standard operating procedures for alert triage and incident response Oversees the triage, containment, and escalation of security incidents in alignment with the Incident Response (IR) lifecycle Monitors and reports on SOC performance metrics including MTTD (Mean Time to Detect), MTTR (Mean Time to Respond), alert volume, and SLA adherence Evaluates, deploys, and governs AI/ML-based security tools including behavioral analytics, anomaly detection, and automated alert triage platforms Monitors the evolving landscape of adversarial AI threats (e.g., AI-generated phishing, deepfakes, automated exploit generation) and adjusts SOC defensive posture accordingly Develops policy and governance frameworks around the use of AI in SOC operations, including acceptable use, model risk, and auditability Coordinates with IT, threat intelligence, and IR teams to ensure seamless escalation and handoff of confirmed incidents Conducts regular reviews of threat intelligence to align SOC detection capabilities with current attack trends and TTPs Supports light threat intelligence operations including IOC ingestion, threat feed management, and MITRE ATT&CK framework alignment Recruits, develops, and retains SOC analyst talent; conducts regular performance reviews and provides ongoing coaching Communicates SOC operational status, incident summaries, and risk posture to functional leadership and stakeholders Ensures SOC operations align with applicable security policies, standards, and regulatory requirements Job Requirements/ Capabilities Bachelor's degree + 2 years relevant work experience OR 6 years relevant work experience. An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business An understanding of organizational mission, values, and goals and consistent application of this knowledge Ability to react to high pressure dynamic changing environments Experience and understanding of the impact of emerging business and technologies have on information security requirements and architecture Demonstrated technical experience in existing security and IT systems and an ability to keep pace with changing security and IT technologies Strong interpersonal skills, with an emphasis on the ability to effectively influence others Strong documentation and communication skills, an ability to draft clear, comprehensive reports and to translate complex technical findings into summaries for stakeholders and leadership A team-focused mentality with the proven ability to work effectively with diverse stakeholders and leading information security employees to success Acquire, manage, retain, and grow talented employees while possessing of a high sense of urgency and personal integrity

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Rentokil Initial Group? Share your experience