Principal - Security Operations
Security Operations Centre
Ekco UK - Milton Keynes
Fully Remote

About Ekco
Founded in 2016, Ekco is now one of the fastest growing cloud solution providers in Europe!
We specialise in enabling companies to progress along the path of cloud maturity, managing transformation and driving better outcomes from our customers’ existing technology investments. In a few words, we take businesses to the cloud and back!
We have over 950 highly talented and supportive colleagues (and counting) across a number of regional offices in the UK, Benelux & Ireland.

The Role
We are seeking a SOC Principal to act as the technical authority driving the evolution of our Security Operations capability. This role focuses on advancing detection capability, hunting practices, and investigative standards to ensure the SOC remains ahead of emerging threats. By shaping how complex threats are identified and handled, the Principal sets the benchmark for technical excellence across the team. As a senior escalation point, the Principal provides deep technical guidance to analysts and SecOps Leads while fostering a culture of continual improvement.
Working closely with Detection Engineering, Threat Intelligence, and Incident Response, you will play a key role in maturing detection coverage, refining response workflows, and building the SOC’s long-term resilience against advanced adversaries.

Operational Leadership
Key Responsibilities and day to day:
- Lead and oversee investigations into complex or ambiguous threats escalated from the SOC.
- Conduct root cause analysis and post-incident reviews, ensuring lessons learned feed back into operations.
- Identify and close detection gaps by collaborating with Detection Engineering on new, tuned, or improved rules.
- Drive proactive threat hunting initiatives using intelligence, behavioural indicators, and anomaly detection.
- Validate high-severity alerts for both technical accuracy and business impact.

Capability & People Leadership
- Act as the escalation point for technical investigations and threat-related queries from Senior Analysts.
- Provide technical mentoring, informal upskilling, and guidance to SOC analysts.
- Contribute to the development, testing, and refinement of SOC SOPs, playbooks, and the detection lifecycle.
- Participate in evaluating and tuning SOC tools and workflows (SIEM, SOAR, EDR, enrichment, automation).
- Develop and enhance SOC capabilities, including enrichment logic, automation use cases, and threat hunting frameworks.
- Collaborate with Threat Intelligence to generate hunting leads and contribute insights back into CTI production.

Client Assurance & Representation
- Represent SOC technical expertise in internal and client-facing service reviews.
- Provide expert support and guidance for client incidents escalated to SOC leadership.

To be successful in this role you’ll need / What you’ll bring to the role or team / What we’re looking for in a team mate
- Proven experience working within an MSSP.
- Strong expertise in SOC technologies (SIEM, EDR, SOAR, etc.).
- In-depth expertise in the analysis of logs, artefacts, security events, IOCs, and tactics, techniques and procedures (TTPs).
- Proven ability to mentor and develop SOC analysts and act as a technical escalation point.
- Confidence representing SOC technical expertise in client-facing discussions and incident reviews.
- Strong analytical mindset with the ability to identify and drive strategic improvements across SOC operations.
- Deep understanding of the cyber kill chain, cybersecurity frameworks (e.g., MITRE ATT&CK, NIST, CIS) and threat landscapes.
- Proven ability to handle high-pressure situations, make critical decisions, and manage complex incidents.
- Excellent communication and interpersonal skills, both verbal and written, to manage stakeholder and client relationships effectively.
- Strong organisational and administrative skills, with attention to detail.
- Good problem-solving abilities with a proactive focus on finding innovative and practical solutions.
- Ability to work collaboratively in a fast-paced environment.
- Experience collaborating with cross-functional teams (Threat Intelligence, Detection Engineering, Incident Response) to strengthen detection and response capabilities.

Benefits/Perks
- Time off - 25 days leave, public holidays, x1 day Birthday leave per year
- Company Pension Scheme (employer contribution 5%), flexible salary sacrifice
- Employee Assistance Programme (EAP) - access to dedicated mental health, emotional wellbeing and general advice
- EkcOlympics - a global activity for fun!
- Learning & development - Unlimited access to Pluralsight learning platform
- A lot of responsibilities & opportunities to grow (also internationally)

Why Ekco
- Microsoft’s 2023 Rising Star Security Partner of the year
- VMware & Veeam top partner status
- Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards
- Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging
- We recognise the value of internal mobility and encourage opportunities for internal development & progression
- Flexible working with a family friendly focus is at the core of our company values

Department: Security Operations Centre
Locations: Ekco UK - Milton Keynes
Remote status: Fully Remote