Head of Security Monitoring and Threat Hunting

• Manage the delivery of a global, follow-the-sun SOC operation aligned to enterprise risk and business priorities
• Own SOC KPIs, SLAs, and quality metrics, ensuring performance targets are met without compromising investigation depth
• Ensure robust triage, escalation, and handover processes are consistently applied
• Maintain strong governance, documentation, and audit readiness
• Own the continuous tuning and optimisation of detection rules to reduce false positives and improve signal quality
• Provide line management, direction, and coaching to SOC Leads, ensuring consistent operational standards across all shifts
• Set clear objectives, performance measures, and development plans for SOC Leads
• Build a high-performing, resilient SOC culture focused on professionalism, accountability, and continuous improvement
• Ensure effective workforce planning, shift coverage, and succession planning within a 24/7 operating model
• Work with other cross functional leaders/teams to implement efficient business processes and support the overall maturity of the Cyber function
• Establish and embed a proactive investigation and threat hunting capability
• Drive a shift from reactive alert handling to proactive-driven investigations
• Oversee case quality, root cause analysis, and post-incident reviews
• Lead the implementation and operational adoption of AI-driven triage and SOAR automation
• Automate low-level case handling and enrichment to reduce analyst workload and improve efficiency
• Improve MTTD and MTTR while maintaining appropriate controls and oversight
• Define and deliver a SOC maturity and capability roadmap aligned to enterprise cyber strategy and UK regulatory expectations
• Track emerging threats, technologies, and industry best practice to continuously evolve the SOC

• 4+ years proven experience managing a 24/7 SOC within a large enterprise environment
• Demonstrated line management experience of SOC Leads and Analysts
• Strong background in security investigations, triage, and escalation
• Experience leading or establishing proactive threat hunting
• Practical experience implementing AI, SOAR, and automation within SOC operations
• Understanding of modern threat actor tradecraft
• Ability to balance SLA performance with investigation quality and analyst wellbeing
• Strong stakeholder management and executive communication skills
• Experience operating in regulated UK environments (e.g. financial services)
• Experience delivering SOC maturity transformation

CISSP, CISM, or GIAC certifications (GCIA, GCIH, GCED)

• 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays)
• Option to buy or sell up to an additional five days of annual leave
• Eligible for up to £3,600 of free shares each year after one year of service
• Financial & Mortgage Advice
• 24-Hour Ecare
• Cycle to Work Scheme
• Flexible Working
• Simply Health
• Private Health Cover
• Critical Illness Cover