Security Operations Centre Manager
Requirements
Candidates should have a background in security operations or managed services, with experience in leading analysts and a solid understanding of SOC operations. Familiarity with SIEM/SOAR and ITIL processes is also required.
Job Description
UK Sovereign SOC
Security Operations Manager
Full-time onsite in Birmingham - We can pay for relocation if required
Role Description
We are looking for a Security Operations Manager to lead the delivery of high-assurance SOC services within a UK sovereign environment. This role is accountable for ensuring our security operations are reliable, responsive, and continuously improving, while building strong client trust and developing a high-performing analyst team.
You will own service quality end-to-end, balancing operational control, incident leadership, people management, and service evolution.
What You Will Be Responsible for
You will own the day-to-day delivery of Security Operations Centre (SOC) services for assigned clients, ensuring consistent achievement of agreed SLAs, KPIs, and security outcomes. You will maintain a strong focus on client confidence by leading Monthly Service Reviews and contributing to Quarterly Business Reviews, clearly articulating what has occurred, what has improved, and what actions will be taken next. You will manage service escalations with control and authority, restoring trust when issues arise, and will drive Service Improvement Plans through to measurable improvements in both service performance and security posture.
You will lead the operational management of security incidents, applying structured incident and major incident management disciplines to ensure consistent, high-quality outcomes. This includes coordinating high-priority incidents across SOC analysts, detection engineers, and client stakeholders, ensuring investigations are technically sound and proportionate to risk. You will ensure all incident communications are clear, timely, and evidence-based, providing clients with confidence in both the response and the decision-making process. You will drive Post Incident Reviews that result in measurable improvements to detection logic, use-case coverage, playbooks, and response workflows.
As a people leader, you will be accountable for building and maintaining a technically capable and operationally disciplined SOC team. You will provide regular coaching, technical guidance, and performance feedback to strengthen investigative quality and consistency. You will define clear expectations around triage, escalation, and analytical standards, ensuring analysts focus on signal quality and risk-driven outcomes. You will ensure sustainable workforce planning, including 24×7 coverage where required, balancing performance expectations with analyst wellbeing. You will also play a key role in hiring and developing talent, fostering a high-trust, learning-focused culture where analysts are encouraged to deepen their technical expertise and decision-making capability.
You will embed strong operational and technical discipline within the SOC by ensuring incident, problem, and change management processes are consistently applied and aligned to real-world security operations. You will maintain accurate, actionable playbooks that reflect current threats, tooling capabilities, and client environments, ensuring analysts can execute effectively under pressure. You will ensure the SOC remains audit-ready through established controls and evidence-driven practices, rather than reactive preparation. You will also support the structured onboarding of new services and technologies into BAU operations, ensuring detection coverage, logging, and response processes are fully integrated from the outset.
What You’ll Bring
You will bring a strong security service leadership mindset, with clear ownership and accountability for delivering outcomes rather than activity. You are able to remain calm, decisive, and credible under pressure, providing clarity and direction during high-impact or time-sensitive situations. You will have excellent communication skills, with the confidence and presence to lead discussions at both client and executive levels, translating complex technical matters into clear, actionable insight.
You will demonstrate strong people leadership capability, combining empathy with performance management to drive both individual and team success while maintaining wellbeing. You approach security operations with a pragmatic, improvement-focused mindset, continually seeking ways to enhance service quality, operational effectiveness, and client outcomes.
Experience & Qualifications
- Background in security operations, IT operations, or managed services environments, with demonstrable security exposure.
- Experience mentoring or leading analysts (acting lead, shift lead, or emerging people manager).
- Solid understanding of SOC operations, including detection, triage, escalation, incident communications, and PIRs.
- Practical familiarity with SIEM/SOAR and EDR platforms.
- Working knowledge of ITIL‑aligned operational processes.
Security & Working Requirements
You must be eligible for UK Security Clearance (SC), with sponsorship available where required. This is a Birmingham based role operating within an office based environment to support a collaborative SOC working model. The position is full-time and requires engagement in a structured, team-oriented operational setting.
Skills
About NTT DATA
NTT DATA – a part of NTT Group – IT and business services headquartered in Tokyo. We help clients transform through consulting, industry solutions, business process services, digital & IT modernization and managed services. NTT DATA enables them, as well as society, to move confidently into the digital future. We are committed to our clients’ long-term success and combine global reach with local client attention to serve them in over 50 countries around the globe.
View company profile →