Head of Cyber Security Operations (CSOC)
Exeter (Hybrid – 2 days onsite)
Day Rate: £850 (Umbrella) / £616.61 (PAYE)
SC Cleared
An enterprise government backed organisation is seeking a Head of Cyber Security Operations to define, build and lead its Cyber Security Operations Centre (CSOC). This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying up to £850 PD Inside IR 35 to start ASAP to be based in Exeter 2 days per week.
This is a high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with regular engagement across senior leadership and external partners.
To be successful, you will hold active SC clearance and bring proven experience working within Central Government, the Public Sector, or highly regulated scientific environments.
Key Responsibilities
Define and lead the Cyber Security Operations Centre (CSOC), ensuring effective detection, response, and remediation of cyber incidents
Own and continuously improve the cyber incident response plan, ensuring readiness across the organisation
Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response
Establish a use-case driven monitoring and alerting capability to improve threat detection and response times
Oversee threat intelligence, vulnerability management, and proactive risk mitigation across the estate
Lead the analysis of network traffic and behaviours, identifying threats and communicating insights to the wider business
Define and manage cyber security operations strategy, aligned to organisational risk appetite and government guidance
Manage stakeholders and external agencies, including regulatory bodies where required
Identify and plan cyber investment requirements across tooling, governance, and team capabilityCore Experience Required
Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function
Strong background in incident response, threat detection, and cyber resilience
Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools
Solid understanding of threat intelligence, vulnerability management, and remediation practices
Knowledge of cyber frameworks and regulations including GDPR, NIS, and National Cyber Security Centre guidance
Familiarity with frameworks such as MITRE ATT&CK and ITIL processes
Experience operating within complex, regulated environments (e.g. public sector, financial services)
Strong stakeholder management skills, with the ability to influence at senior level