Job Title

Security Operations Center (SOC) Manager

About US:

With over 200 brands sold in nearly 180 countries, we're the world's leading premium drinks company. Bring your passion and use your curiosity as you explore, collaborate, and innovate to build brands consumers love. Together with passionate people from all over the world, you'll test new ideas, learn and grow, and unlock a brighter, more exciting future.

About the Function

Our Digital and Technology (D&T) team are innovators, delivering ground-breaking solutions that will help shape the future of our iconic brands. Technology touches every part of our business, from the sourcing of sustainable ingredients to marketing and development of our online platforms. We utilise data insights to build competitive advantage, supporting our people to deliver value faster.

Our D&T team includes some of the most talented digital professionals in the industry. Every day, we come together to push boundaries and innovate, shaping the digital solutions of tomorrow. Whatever your passion, we'll help you become the best you can be, creating career-defining work and delivering breakthrough thinking.

About the Role

The SOC Manager is responsible for leading and managing Security Operations Center (SOC) functions, ensuring effective 24×7 monitoring, detection, incident response, and threat hunting across enterprise IT, cloud, OT, and digital environments. This role focuses on operational excellence, team leadership, incident readiness, and continuous improvement, while aligning SOC activities with enterprise cybersecurity strategy and business objectives.

Key Responsibilities

SOC Leadership & Operations

. Lead day-to-day SOC operations, ensuring continuous monitoring, detection, and response to security events and incidents.

. Manage L2/L3 SOC analysts, incident responders, and threat hunters, fostering a high-performance culture.

. Ensure adherence to incident response SLAs, escalation paths, and communication protocols.

. Act as the incident commander for major cyber incidents, coordinating technical response and stakeholder communication.

Incident Response & Threat Management

. Oversee incident triage, investigation, containment, eradication, and recovery activities.

. Conduct root-cause analysis and ensure corrective and preventive actions are implemented.

. Lead threat hunting activities using frameworks such as MITRE ATT&CK to identify advanced and stealthy threats.

. Coordinate post-incident reviews and lessons-learned sessions.

Technology & Platform Management

. Own and optimize SOC technologies including SIEM, SOAR, EDR/XDR, NDR, and threat intelligence platforms.

. Drive use-case development, tuning, and automation to reduce false positives and improve detection fidelity.

. Partner with engineering and IT teams to onboard new log sources and improve telemetry quality.

. Ensure SOC tooling aligns with enterprise architecture and cybersecurity strategy.

Process, Metrics & Continuous Improvement

. Define, track, and report SOC KPIs and metrics (MTTD, MTTR, alert quality, incident trends).

. Drive continuous improvement initiatives using data, automation, and process optimization.

. Maintain and improve SOC playbooks, runbooks, and standard operating procedures.

. Support tabletop exercises, red-team/blue-team simulations, and readiness testing.

Collaboration & Stakeholder Management

. Collaborate with GRC, IAM, Security Architecture, Cloud, OT, and Product Security teams.

. Act as a key liaison between SOC and IT, engineering, and business stakeholders.

. Support audits, regulatory inquiries, and risk assessments by providing operational evidence.

. Engage with vendors, MSSPs, and service providers, ensuring contractual SLAs are met.

People Development & Culture

. Recruit, onboard, and mentor SOC talent.

. Build career paths, training plans, and succession strategies for SOC staff.

. Foster a culture of learning, innovation, accountability, and resilience.

. Promote security awareness and collaboration across the organization.

Required Qualifications

. Bachelor's degree in Computer Science, Information Security, Engineering, or related field.

. 8-12+ years of cybersecurity experience with 5+ years in SOC / incident response leadership.

. Strong hands-on experience with SIEM/SOAR platforms and security monitoring tools.

. Proven experience leading major cyber incidents in enterprise environments.

. Strong understanding of threat frameworks (MITRE ATT&CK) and attack methodologies.

. Experience working with globally distributed teams and 24×7 operations.

Preferred Qualifications

. Certifications such as CISSP, CISM, GCIA, GCIH, CRISC.

. Experience with cloud security monitoring (AWS/Azure/GCP).

. Experience managing MSSPs or outsourced SOC models.

. Strong executive communication and reporting skills.

Rewards & Benefits Statement: (TE)

Flexible Working Statement:

Flexibility is key to our success. From part-time and compressed hours to different locations, our people work flexibly in ways to suit them. Talk to us about what flexibility means to you so that you're supported from day one.

Diversity statement:

Our purpose is to celebrate life, every day, everywhere. And creating an inclusive culture, where everyone feels valued and that they can belong, is a crucial part of this.

We embrace diversity in the broadest possible sense. This means that you'll be welcomed and celebrated for who you are just by being you. You'll be part of and help build and champion an inclusive culture that celebrates people of different gender, ethnicity, ability, age, sexual orientation, social class, educational backgrounds, experiences, mindsets, and more.

Ourambitionistocreatethebestperforming,mosttrustedandrespectedconsumer products companies in the world. Join us and help transform our business as we take our brands to the next level and build new ones as part of shaping the next generation of celebrations for consumers around the world.

Feel inspired Then this may be the opportunity for you.