
Diageo

Security Operations - Engineering Manager


Job Description


Job Title

Security Operations Center (SOC) Engineering Manager

About Us:

With over 200 brands sold in nearly 180 countries, we're the world's leading premium drinks company. Bring your passion and use your curiosity as you explore, collaborate, and innovate to build brands consumers love. Together with passionate people from all over the world, you'll test new ideas, learn and grow, and unlock a brighter, more exciting future.

About the Function

Our Digital and Technology (D&T) team are innovators, delivering ground-breaking solutions that will help shape the future of our iconic brands. Technology touches every part of our business, from the sourcing of sustainable ingredients to marketing and development of our online platforms. We utilise data insights to build competitive advantage, supporting our people to deliver value faster.

Our D&T team includes some of the most talented digital professionals in the industry. Every day, we come together to push boundaries and innovate, shaping the digital solutions of tomorrow. Whatever your passion, we'll help you become the best you can be, creating career-defining work and delivering breakthrough thinking.

About the Role

The SOC Manager is responsible for leading and managing Security Operations Center (SOC) functions, ensuring effective 24×7 monitoring, detection, incident response, and threat hunting across enterprise IT, cloud, OT, and digital environments. This role focuses on operational excellence, team leadership, incident readiness, and continuous improvement, while aligning SOC activities with enterprise cybersecurity strategy and business objectives.

Key Responsibilities

Job Description - SOC Engineering Manager

Role Summary

The SOC Engineering Manager leads the engineering and enablement functions that power the Security Operations Center. This includes ownership of detection engineering, automation, telemetry pipelines, platform optimization, and continuous improvement of security monitoring and response capabilities. The role requires deep technical proficiency, strong architectural thinking, and leadership in building high‑performance engineering teams.

Key Responsibilities

SOC Platform & Engineering Leadership

  • Lead engineering strategy, architecture, and lifecycle management of all SOC technologies.
  • Oversee design and implementation of scalable logging, monitoring, and response platforms.
  • Ensure platforms meet performance, resilience, availability, and operational readiness requirements.
  • Drive long‑term engineering roadmaps aligned to enterprise security strategy.

Detection Engineering & Threat Analytics

  • Design and implement detection logic using attacker‑technique frameworks (e.g., MITRE ATT&CK).
  • Develop behavioral, anomaly‑based, and signature‑based detections across identity, endpoint, email, cloud, and network domains.
  • Perform detection tuning, baselining, and enrichment improvements to enhance fidelity.
  • Lead threat analysis and build threat‑informed use cases to strengthen coverage.

Automation & Orchestration

  • Develop automated workflows to streamline incident response, enrichment, containment, and remediation.
  • Build reusable automation components following engineering best practices.
  • Integrate automation with identity, endpoint, cloud, ticketing, and intelligence systems.
  • Drive an automation‑first culture across SOC operations.

Telemetry, Data Engineering & Integration

  • Lead onboarding and engineering of telemetry sources across cloud, identity, endpoint, network, OT, and SaaS environments.
  • Ensure data quality, schema consistency, normalization, and reliability in all pipelines.
  • Apply engineering practices to improve log health, reduce noise, and enhance correlation capabilities.
  • Develop telemetry dashboards and KPIs for coverage, completeness, and ingestion health.

Engineering Governance & Continuous Improvement

  • Establish engineering standards, design patterns, documentation, and architectural baselines.
  • Maintain platform health metrics, detection maturity frameworks, and automation KPIs.
  • Conduct regular engineering assessments and drive modernization initiatives.
  • Support audits and compliance efforts with technical documentation and evidence.

Cross‑Functional Collaboration

  • Work closely with SOC Operations to address detection gaps and engineering dependencies.
  • Partner with Cloud, Identity, Network, and Architecture teams to enhance telemetry and controls.
  • Engage with vendors and partners to support platform enhancements and roadmap alignment.
  • Provide engineering insights to leadership during incident reviews and strategic discussions.

People Leadership & Capability Development

  • Lead, mentor, and grow SOC engineers, detection engineers, and automation specialists.
  • Build structured development pathways focused on advanced engineering skills.
  • Promote a culture of innovation, accountability, and technical excellence.
  • Create succession plans and capability uplift programs for the team.

Hands‑On Technical Skills

1. Detection Engineering

  • Strong hands‑on experience building detections using:
      ◦ Query‑based analytics languages (e.g., KQL‑like, SQL‑like, pattern‑matching engines)
      ◦ Behavior‑based and anomaly‑based detection techniques
      ◦ Threat modeling and MITRE ATT&CK mapping
      ◦ Signal correlation, enrichment, and contextual analytics
  • Ability to design detections for:
      ◦ Endpoint behavioral anomalies
      ◦ Identity misuse and lateral movement
      ◦ Email threats (phishing, BEC, malware)
      ◦ SaaS and cloud application misuse
      ◦ Data exfiltration and DLP bypass patterns

2. Automation & Orchestration

  • Hands‑on expertise with workflow automation technologies (SOAR‑type systems).
  • Ability to build automated remediation and containment actions.
  • Experience with:
      ◦ API integrations
      ◦ JSON/YAML transformations
      ◦ Event‑driven triggers
      ◦ Automated enrichment logic
  • Ability to automate response actions across endpoints, identity systems, cloud environments, and collaboration platforms.

3. Telemetry & Data Engineering

  • Proficiency in engineering log pipelines across multiple domains:
      ◦ Identity
      ◦ Cloud
      ◦ Endpoint
      ◦ Email
      ◦ Network
      ◦ Application/SaaS
  • Experience with schema design, parsing, normalization, and taxonomy alignment.
  • Ability to perform telemetry quality assessments and implement improvements.

4. Scripting & Engineering Skills

  • Hands‑on skills in:
      ◦ PowerShell or Bash
      ◦ Python (light to intermediate scripting)
      ◦ Regular expressions
      ◦ Git‑based version control
  • Experience building engineering automations, utilities, or integration scripts.

5. Security & Threat Expertise

  • Deep understanding of:
      ◦ Attack lifecycles
      ◦ Threat actor techniques
      ◦ Identity compromise patterns
      ◦ Endpoint exploitation behaviors
      ◦ Cloud attack vectors
  • Experience conducting threat‑informed engineering improvements.

6. Architecture & Troubleshooting

  • Strong ability to analyze, architect, and optimize large security data platforms.
  • Troubleshooting experience across distributed systems, log ingestion, automation failures, and detection pipelines.

Required Qualifications

  • Bachelor's degree in Cybersecurity, Engineering, Computer Science, or related field.
  • 8-12+ years of cybersecurity experience with significant time in SOC engineering or detection engineering.
  • Demonstrated expertise leading technical engineering teams in enterprise environments.
  • Strong communication skills and ability to translate technical concepts to leadership.

Preferred Qualifications

  • Professional certifications in security operations, cloud security, or architecture.
  • Experience in global, hybrid cloud, or 24×7 operations environments.
  • Proven ability to build high‑performing engineering teams.

Rewards & Benefits Statement: (TE)

Flexible Working Statement:

Flexibility is key to our success. From part-time and compressed hours to different locations, our people work flexibly in ways to suit them. Talk to us about what flexibility means to you so that you're supported from day one.

Diversity statement:

Our purpose is to celebrate life, every day, everywhere. And creating an inclusive culture, where everyone feels valued and that they can belong, is a crucial part of this.

We embrace diversity in the broadest possible sense. This means that you'll be welcomed and celebrated for who you are just by being you. You'll be part of and help build and champion an inclusive culture that celebrates people of different gender, ethnicity, ability, age, sexual orientation, social class, educational backgrounds, experiences, mindsets, and more.

Our ambition is to create the best performing, most trusted and respected consumer products companies in the world. Join us and help transform our business as we take our brands to the next level and build new ones as part of shaping the next generation of celebrations for consumers around the world.

Feel inspired? Then this may be the opportunity for you.


Worker Type :

Regular

Primary Location:

Bangalore Karle Town SEZ

Additional Locations :

Job Posting Start Date :

2026-04-08


Job ID: 145548581
