Cambridge, Hybrid or Remote, UK

Security Operations Centre Manager

The Opportunity

As our Security Operations Centre Manager, you will be responsible for managing activities relating to monitoring and responding to security events. Additionally, you will be responsible for the development and oversight of the SOC program to ensure personnel are managed and operational efficiencies are maintained. You will work with multiple technology platforms and interface with other groups within Information Security, IT operations, and other technology and business functions.

You will have technical competence and experience managing diverse teams, and familiarity with recent threats and adversarial techniques, as well as the ability to quickly understand complex environments. Business and interpersonal skills are essential to manage risk to the business, interface with other business units, and develop SOC analysts. You will contribute to the company security strategy and roadmap and will be able to clearly communicate to team members at all levels.

This role can be based remotely across the UK; however, living within commutable distance of our Cambridge office is a definite plus! If you’re based remotely, you will ideally be happy to travel to our Cambridge office several times throughout the year.

Day to Day

  • Lead a team of security analysts and incident responders to ensure effective 24x7x365 security monitoring and incident response operations
  • Manage relationships with third-party providers of SOC technologies and services
  • Manage security event investigations, partnering with other departments as needed
  • Identify opportunities to support and improve performance through learning plans and development plans that enhance the skills and knowledge of SOC team members, establishing a culture of continuous improvement
  • Oversee the day-to-day operations of the SOC, including staffing, monitoring and analysing system events, detecting and investigating incidents, and ensuring timely and appropriate response and resolution
  • Develop and implement SOC playbooks, policies, procedures, and standards to ensure consistent and effective security operations
  • Stay current with the latest cybersecurity threats, vulnerabilities, and attack methodologies to continuously improve the effectiveness of the SOC
  • Define, track, and report key performance indicators (KPIs) and metrics to measure the performance and efficiency of the SOC team and the technologies it utilises
  • Coordinate and participate in incident response activities, including investigations, escalations, remediation, root cause analysis, and post-incident reporting
  • Plan and execute regular incident response and post-mortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention)
  • Coordinate and participate in table-top exercises and other simulations that validate the effectiveness of SOC playbooks and company response plans
  • Provide regular reports and updates to senior management and stakeholders on the status of security incidents, threat landscape, and SOC performance
  • Identify requirements and drive improvements to the security operations procedures, policies, and standards
  • Ensure that technologies utilised by the SOC are properly configured, optimized, and fully deployed to provide maximum value
  • Partner with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities
  • Drive improvements in incident detection and response processes, including through the identification and implementation of new tools and technologies
  • Manage and oversee the day-to-day operations of the in-place security solutions
  • Facilitate project work relating to the selection, testing, deployment, configuration and lifecycle management of SOC technologies

About you

Must haves:

  • Bachelor’s degree in Computer Science, Information Security, or a related field
  • Significant experience in cybersecurity, with experience of managing a Security Operations Centre or incident response team
  • Deep understanding of security technologies, threat detection methodologies, and incident response processes
  • Strong knowledge of cybersecurity frameworks, standards, and regulations
  • Excellent leadership, communication, and interpersonal skills with the ability to effect change through influence at all levels of the organisation
  • Experience in investigations using formal chain-of-custody methods, forensic tools and best practices
  • Attention to detail, with the ability to succinctly communicate the key aspects of best security practice to non-technical stakeholders
  • Proven ability to manage and prioritise multiple tasks in a fast-paced environment, with the ability to adapt to changing threat landscapes and technology trends
  • Experience with cloud security and emerging technologies
  • Strong problem-solving and critical-thinking skills
  • Strong technical skills relevant to security operations and information security, including:
    • Network security
    • Security information and event management
    • Identity and access management
    • Data loss prevention
    • Vulnerability assessment and mitigation
    • Business Impact Assessments
    • Threat Analysis

Great to haves

  • Industry-recognized certifications such as CISSP, CISM, CISA, GIAC, or certifications in incident handling and computer forensics
  • Master’s degree in related field

Equal Opportunities

Here at Featurespace we are committed to being a place of equality, inclusion and respect to provide a safe environment for you to bring your authentic self to work. We know that we gain as much strength from our differences as we do our similarities. We value diversity and are dedicated to listening and learning from each other to build and maintain a positive and productive culture. We appreciate this will be an ever-evolving focus for the business to ensure everyone feels supported and has a sense of belonging.

How to apply

If you think you’re a good fit for the role above, we would love to hear from you.

Fill out the short application form, upload your CV and one of the team will get back to you.

If you have any questions or queries regarding this role, or life at Featurespace, please contact [email protected]

Featurespace Job Application Privacy Notice

Featurespace Ltd. is committed to complying with the General Data Protection Legislation and any implementing legislation (the “Data Protection Legislation”) and will process your Personal Data in accordance with the Data Protection Legislation and information security legislation. Any capitalised terms used in this Privacy Notice shall be given the same definition as in the Data Protection Legislation.

This Privacy Notice sets out the basis on which Featurespace Ltd will process Personal Data relating to job applicants.

The Data Controller is Featurespace Ltd., 140 Cambridge Science Park, Milton Road, Cambridge, CB4 0GF, United Kingdom.

Data refers to both Personal Data and Special Categories of Data. Your job application and the Personal Data held within it will be processed to assess your viability for the stated role. We may also process any information that you provide about your health, for the sole purpose of assessing whether any adjustments may need to be made to the recruitment process to accommodate you. If your application is unsuccessful, Featurespace will retain your Data for 24 months after the end of the recruitment process.

Your Personal Data is processed in accordance with our legitimate interests of making sound recruitment decisions. You are under no obligation to provide us with your Personal Data. However, without this, we cannot assess your job application. We will only process information about your health for the purpose of making reasonable adjustments to the recruitment process (if applicable), in accordance with our legal obligations.

You have the following rights in relation to the processing of your Data:

  • The right to be informed about how your Data is processed.
  • The right to object to the processing of your Data based on our legitimate interests as outlined above.
  • The right of access to your Data and supplementary information relating to our use of your Data. In certain circumstances, we reserve the right to charge you for exercising this right.
  • The right to rectification, if your Data is inaccurate or incomplete.
  • In certain circumstances, the right to erasure: to request the deletion or removal of your Data.
  • In certain circumstances, the right to restrict processing: to block any further processing of your Data.
  • The right to complain to the Information Commissioner’s Office if you believe that your data protection/privacy rights have been breached.

We shall respond to any request made by you without delay and in any case within a month of your request.

Your application will be submitted and stored on an application database (Greenhouse). Access to your Data on Greenhouse is limited to the relevant persons for your application: our internal recruiters, the hiring manager and interviewer(s). Your CV may be printed and shown to consulted decision makers; any physical copies will be securely and confidentially destroyed after a decision has been made on your application. Your CV is transferred to a third country, outside of the EEA, when it is processed by Greenhouse. Greenhouse meet the technical and organisational data security measures outlined in the GDPR Article 32, and are SOC2 Type II certified. We do not envisage that any decision will be taken about your application using automated means.