Security Operations Centre Lead

The UKSBS SOC is a critical function responsible for protective monitoring, threat detection, investigation and incident response. Operating through a hybrid model, the service combines an in-house team with a 24/7 third-party provider.

As SOC Lead, you will take ownership of the leadership, performance and ongoing development of the SOC. You will oversee both internal capability and outsourced provision, ensuring the service operates effectively, remains resilient and aligns with organisational risk and regulatory expectations.

You will act as the senior escalation point for significant cyber incidents, provide clear operational leadership during complex events and serve as a trusted adviser to senior stakeholders on cyber risk. The role also includes building strong relationships across Whitehall and partner departments, strengthening collaboration across the wider SOC community.

What you'll be doing:

• Shape and lead a newly established SOC function , defining its direction, maturity and long-term capability.
• Own the end-to-end security operations model , across in-house teams and 24/7 third-party provision.
• Act as the senior escalation point for major cyber incidents , leading response and decision-making when it matters most.
• Drive SOC tooling, automation and detection improvements , building a modern, intelligence-led capability.
• Influence senior stakeholders and cross-government partners , embedding operational cyber risk into strategic decision-making.

Do you have experience in Incident response?, * Proven experience of leading or managing a SOC or cyber security operations function.

• A track record of building, improving or maturing security operations capability.
• Strong knowledge of security monitoring, incident response and threat management.
• Confidence operating in high-pressure incident scenarios with clear, decisive leadership.
• The ability to translate complex cyber risk into clear, business-focused language for senior audiences., Successful candidates may be required to undergo Security Clearance (National Security Vetting) as part of their employment. To meet these standards, applicants must normally have lived in the UK for at least the last five years and be able to satisfy background, identity and criminal record checks.

UKSBS does not hold a Home Office Sponsor Licence under the UK Immigration System, therefore candidates are required to have eligibility to live and work in the UK prior to applying.

It's an exciting time to be part UKSBS as we transform our business to be the leading UK public sector business service provider. We aim to become a very different organisation over the next few years as we move to a modern multi-platform, digitally enabled organisation. UKSBS is strengthening and evolving its cyber security capability as part of our wider digital transformation. We are establishing a new SOC Lead role within our Security Operations Centre, offering a genuine opportunity to define how security operations are led and delivered across UKSBS and our partner organisations.