Share this Job

Group Cyber - Security Operations Centre Lead


Knottingley, ENG, GB, WF11 0HP

Job ID:  51641
Estimated Travel:  25 - 50%
Contract Type:  Employee
Talent Area:  IT



This is a Hybrid working contract with at least 2 days in the office a week.


Purpose of Role

The primary responsibility for the SOC Lead is to lead and manage the Security Operations Centre and provide oversight and subject matter expertise to the Regional Analysts.


Key Responsibilities

  1. Manage BAU operations conducted by SOC Analysts on security event and threat monitoring and provide guidance in the event of escalations
  2. Be the primary interface and relationship owner for SOC service provider(s) and ensure they are meeting contractually defined Service Level Agreements
  3. Provide leadership, expertise and insight for incident management activities incl. identification, analysis, escalation, investigation, mitigation, monitoring and reporting
  4. Define and collect metrics / KPIs and periodically report to leadership on SOC events / incidents and overall effectiveness of the SOC to help ensure SOC metrics are in line with risk appetite
  5. Drive the development of threat management, threat modelling and identification of new threat vectors by keeping up to date with industry activity and methodology
  6. Support the review and approval of playbooks and use cases that adequately address the evolving business and threat landscapes
  7. Oversee Security Engineer and SOC On-boarding Manager to validate that the SecOps estate is adequately maintained and that appropriate log sources are being on-boarded. Oversee automation and toolset visibility efforts to ensure these are proactively improving the efficiency and coverage of the SOC
  8. The ability to activate and lead on Incident Response activities and serve as a key member of the CSIRT and provide Incident reports to senior stakeholders
  9. Instruct and guide Regional Analysts as needed to facilitate the delivery of SOC and Incident report capabilities
  10. Provide ad-hoc SOC advisory to both IT and Business to ensure awareness, buy-in and engagement where neede


Qualifications (or equivalent), Knowledge and Experience



  • Bachelor’s degree or equivalent experience in computer science, IT engineering, or related field 
  • An MSc Information Security or equivalent would be an advantage 


  • Information Security and/or Information Technology certifications such as GCFE, GCFA, OSCP, CEH, GCIH, GSEC etc. are strongly preferred
  • Azure Security Certifications are strongly preferred
  • Project management certifications such as PMP strongly preferred



  • Proven working knowledge of the National Institute of Standards and Technology (NIST) guidelines described in NIST SP 800-137 for Continuous Monitoring (CM) 
  • Proven working knowledge of the SANS guidelines on Continuous Monitoring and Security Operations 
  • Proficiency in Security Operations and Incident Response
  • Extensive knowledge of various security operations tools, technologies and processes including security device management tools, IDs / IPS and SIEM tools 
  • A technical understanding of log analysis, malware analysis, host forensics, network forensics
  • Exceptional operational rigor with experience in ITIL methodologies and other frameworks for IT security operations 
  • Deep expertise in security concepts such as threat vectors, event and incident management, cyber threats and attacks etc. 
  • Knowledge of various operating systems such as Windows, Linux and Unix 
  • Proven ability to understand the businesses critical assets and network infrastructure, including applications, middleware and databases to identify sources during investigations or exposure to threats 
  • Proficient in reporting to leadership on programme effectiveness 
  • Organised with a proven ability to prioritise workload, meet deadlines, and utilise time effectively  
  • Strong interpersonal and communication skills; able to deal effectively with diverse skill sets and personalities 
  • Strong analytical skills
  • Fluent in spoken and written English 



  • Prior work experience in information security is essential
  • Prior leadership/ management experience is essential
  • Experience in security device management and SIEM solutions
  • Experience in global delivery operations support model (e.g. 24-7 / 16-8 and on-call models)
  • Experience in service delivery planning and service level optimisation 
  • Experience in respond to security incidents
  • Experience running or working within a SOC



  • Proficient in leading security operational meetings with key internal and external stakeholders and managing relationship with service providers 
  • Cross cultural sensitivity and flexibility  

About Ardagh Group

Ardagh Group is a global leader in metal and glass packaging solutions, producing packaging for the world’s leading brands. We trace our roots all the way back to the Irish Glass Bottle Company, founded in 1932. Since then we have grown rapidly to a team of more than 20,000 people with revenues of almost $10 billion. Today we have a presence across Europe, Africa and the Americas.


  • Did you know that Ardagh produce many of the beverage cans and bottles you drink your favourite beverages from?
  • Did you know we produce metal and glass packaging which are permanent materials, meaning they can be infinitely recycled without any loss of quality?
  • Did you know we produce more than 160 million containers per day?


Ardagh is passionate about sustainability and have a reputation for innovation. We push the boundaries of what’s possible, pioneering new production methods, new design techniques and new ways to recycle and save energy. Our aim is to reduce any negative environmental impact whilst remaining economically sustainable and socially responsible.

We believe that the success of our business depends on the success of our people. We strive to create working environments where our employees feel valued, can work to their full potential, and where their achievements are celebrated.

Here at Ardagh, we offer exciting and rewarding opportunities for talented and creative people. If you have ambition and want to make an impact with your career, come and join our team, you’ll enjoy the journey!

Click here for more information about our careers or click here for more information about Ardagh Group.