The Technical Account Manager (TAM) SOC is accountable for the technical success and value realisation of managed detection and response services across a portfolio of clients. You will help clients optimise SOC operations, interpret detection insights, and translate technical outputs into measurable business outcomes.
This role is collaborative and client-facing, supporting incident escalation, guiding operational maturity, and enabling long-term adoption of technologies and services. While not a shift-based position, you will be comfortable engaging at SOC depth, understanding how alerts, detections, and incidents flow through a 24/7 environment.
Key Responsibilities
As a Technical Account Manager (TAM), you serve as the primary technical point of contact for assigned SOC and managed detection clients, developing and maintaining a strong understanding of their monitored environments, log sources, and detection coverage.
Your responsibility is to ensure security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR), are aligned to the client's strategy and objectives, adopted effectively, and continuously improved to enhance client experience and satisfaction.
Provide high-level SME knowledge, oversight, and guidance to help clients extract maximum value from technology products and services.
Interpret SOC outputs, incidents, and operational trends for clients, translating technical data into business and risk-focused insight.
Support incident escalation and coordination when required, guiding root cause analysis, post-incident learning, and preventive action planning.
Identify continuous improvement opportunities for SOC detections, content, log source coverage, and security automation workflows.
Provide guidance, enablement, and demonstrations to accelerate adoption and maturity of technologies and managed services.
Collaborate with SOC Operations, Security Engineering, and client-facing teams to co-develop use cases, workflows, and SOC operating processes.
Support onboarding of new clients, defining readiness gates and change plans, and ensuring robust rollback procedures.
Attend and contribute to monthly and quarterly service reviews, connecting KPIs and SLAs to actionable improvements and roadmap recommendations.
Act as a technical escalation point for deployed services and technologies, ensuring clients receive timely and accurate resolution.
Maintain alignment with account management and client success teams, co-owning success plans, roadmaps, and delivery outcomes.
Technical and Professional Qualifications
Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools.
Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and permissions-based controls.
Hands-on experience designing detection content, use cases, tuning, suppression, and SOAR workflows, with understanding of data pipelines and connector optimisation.
Proven track record in technical account management, client-facing technical leadership, or equivalent, with ownership of success plans and service reviews.
Excellent presentation, communication, and interpersonal skills, capable of engaging with both technical teams and senior business stakeholders.
Continuous improvement mindset, connecting SOC metrics (e.g., coverage, false positive rate, MTTA/MTTR) to tangible client value.
Experience managing multiple stakeholders, balancing strategic planning with operational delivery.