SOC Incident Response & Threat Hunting Manager
Fully Remote (UK-based) | Up to £85,000 + 10–15% Bonus + £6k Car Allowance + Excellent Benefits
(Occasional travel to Warrington, approx. once per quarter)
Our client is expanding their virtual Security Operations Centre (vSOC) and looking for an experienced SOC Incident Response & Threat Hunting Manager to lead and develop a high-performing Tier 3 team.
This is a hands-on leadership role, ideal for someone who’s equally comfortable managing people and tackling complex security incidents directly. You’ll guide analysts through live investigations, lead advanced threat hunting operations, and help shape the strategy for the Cyber Threat Intelligence (CTI) capability.
The focus is on leadership through technical excellence — combining deep expertise in DFIR, threat hunting, and detection engineering with a proactive approach to strengthening security posture across diverse customer environments.
The Role
* Lead and mentor Tier 3 SOC and Incident Response Analysts.
* Act as the technical lead on high-severity security incidents from initial detection through to post-incident review.
* Design and execute advanced threat hunting exercises, integrating intelligence from CTI and Detection Engineering teams.
* Drive the strategic development and maturity of the CTI capability.
* Deliver in-house training programmes, tabletop exercises, and skills development sessions.
* Collaborate cross-functionally to ensure threat intelligence translates into actionable improvements.
* Participate in the on-call rota (1 week in 4) to provide leadership during critical incidents.
What You’ll Bring
* Strong background in SOC operations, incident response, and threat hunting.
* Experience leading teams or acting as the senior escalation point within a fast-moving SOC.
* Technical depth across digital forensics and adversary TTPs.
* Excellent analytical problem-solving and decision-making under pressure.
* Confident communicator who can explain findings clearly to technical and non-technical audiences.
* Track record of driving continuous improvement and developing others.
* Comfortable with any major SIEM or EDR platform (e.g. Splunk, QRadar, Sentinel).
Package & Benefits
* Salary: Up to £90,000 (DOE)
* Bonus: 10–15% + 5% SiS Bonus
* Car Allowance: £6,000
* Clearance: No existing clearance required – SC sponsorship available (open to dual nationals)
* Flexible Working: “Work Your Way” approach from day one
* Pension: Double matching contributions up to 10%
* Holidays: 25 days + public holidays (3 flexible)
* Health: Private medical (role dependent), life assurance, virtual GP access
* Perks: Flexible benefits scheme, employee discounts, incentive plans
* On-call: 1 week in 4
This role offers the opportunity to shape a modern, virtual SOC for a leading global technology organisation, combining strategic leadership with hands-on technical impact across incident response and threat hunting.
If you’re a strong technical leader who still enjoys being close to the action, this is an opportunity worth exploring.