Overview
The Head of Security Monitoring and Threat Hunting is accountable for the leadership, performance, and continuous improvement of the Security Operations Centre (SOC), across 3 countries (UK, India and Canada) delivering a resilient 24/7 cyber defence capability for a global organisation. This role provides strategic and operational leadership across SOC operations, investigations, detection improvement, and automation. You will be responsible for developing a proactive, intelligence‑led SOC that balances SLA performance with high‑quality investigations and measurable risk reduction.
Responsibilities
* Manage the delivery of a global, follow‑the‑sun SOC operation aligned to enterprise risk and business priorities.
* Own SOC KPIs, SLAs, and quality metrics, ensuring performance targets are met without compromising investigation depth.
* Ensure robust triage, escalation, and handover processes are consistently applied.
* Maintain strong governance, documentation, and audit readiness.
* Own the continuous tuning and optimisation of detection rules to reduce false positives and improve signal quality.
* Provide line management, direction, and coaching to SOC Leads, ensuring consistent operational standards across all shifts.
* Set clear objectives, performance measures, and development plans for SOC Leads.
* Build a high‑performing, resilient SOC culture focused on professionalism, accountability, and continuous improvement.
* Ensure effective workforce planning, shift coverage, and succession planning within a 24/7 operating model.
* Work with other cross‑functional leaders and teams to implement efficient business processes and support the overall maturity of the Cyber function.
* Establish and embed a proactive investigation and threat hunting capability.
* Drive a shift from reactive alert handling to proactive‑driven investigations.
* Oversee case quality, root‑cause analysis, and post‑incident reviews.
* Lead the implementation and operational adoption of AI‑driven triage and SOAR automation.
* Automate low‑level case handling and enrichment to reduce analyst workload and improve efficiency.
* Improve MTTD and MTTR while maintaining appropriate controls and oversight.
* Define and deliver a SOC maturity and capability roadmap aligned to enterprise cyber strategy and UK regulatory expectations.
* Track emerging threats, technologies, and industry best practice to continuously evolve the SOC.
Hybrid role – requires travel to the Cardiff office at least 1 day per week.
Qualifications
* Visionary, risk-focused SOC leader with strong operational discipline.
* People focused leader with a track record of developing high‑performing teams.
* Strategic thinker capable of translating vision into successful outcomes.
* Calm and decisive in high‑pressure scenarios.
* 4+ years proven experience managing a 24/7 SOC within a large enterprise environment.
* Demonstrated line management experience of SOC Leads and Analysts.
* Strong background in security investigations, triage, and escalation.
* Experience leading or establishing proactive threat hunting.
* Practical experience implementing AI, SOAR, and automation within SOC operations.
* Understanding of modern threat actor tradecraft.
* Ability to balance SLA performance with investigation quality and analyst wellbeing.
* Strong stakeholder management and executive communication skills.
* Experience operating in regulated UK environments (e.g., financial services).
* Experience delivering SOC maturity transformation.
Desirable Qualifications
* CISSP, CISM, or GIAC certifications (GCIA, GCIH, GCED).
Benefits
We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We're committed to fostering a people‑first culture where everyone is accepted, supported, and empowered to be brilliant. You can grow and progress at a pace and direction that suits you, make a difference for our customers and each other, and share in our future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.
Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave. We're proud of our people‑first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We're fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics. Our fantastic benefits make sure our colleagues have a great work‑life balance; you can view some of our other key benefits here.
#J-18808-Ljbffr