Cybersecurity Defense SOC Lead
Listed on 2026-06-12
IT/Tech
Cybersecurity, Security Manager
Company Overview
This is an opportunity to join Ascot Group – one of the world’s preeminent specialty risk underwriting organizations. Designed as a modern‑era company operating through an ecosystem of interconnected global operating platforms, we’re bound by a common mission and purpose: One Ascot. Our greatest strength is a talented team that flourishes in a collaborative, inclusive, and entrepreneurial culture, steeped in underwriting excellence, integrity, and a passion to find a better way, The Ascot Way. The Ascot Way guides our people and our organization. Our underwriting platforms collaborate to find creative ways to deploy our capital in a true cross‑product and cross‑platform approach. These platforms work as one, deploying our capital creatively through our unique Fusion Model: Client Centric, Risk Centric, Technology Centric.
Built to be resilient, Ascot maximizes client financial security while delivering bespoke products and world‑class service – both pre‑ and post‑claims. Ascot exists to solve for our clients’ brightest tomorrow, through agility, collaboration, resilience, and discipline.
Job Summary
As part of our 24x7 Cyber Defence function, the Security Operations Center Lead will be responsible for triaging, escalating, and managing cybersecurity events for Ascot, improving detection content and supporting the overall monitoring, detection, and cybersecurity incident response activities. Acting as an escalation point for L1/L2/L3 SOC analysts, this resource will work within an expanding cybersecurity team, collaborating with cybersecurity managers, IT infrastructure, and deskside support teams.
You must be detail‑oriented, diligent, and capable of managing multiple aspects of the incident response lifecycle simultaneously. You will be supporting a 24x7 Cybersecurity Defence function that includes overseeing and managing a Managed Security Services Provider (MSSP) and teams across multiple time zones. You will be required to work in shifts that will vary based on operational needs to support the global footprint across the UK, US, and Bermuda time zones and other regions as part of our expansion.
This resource will additionally be responsible for the overall day‑to‑day management of our SOC: maintaining detection content on the detection tool (detection rules, log ingestion, parsers, forwarders), maintaining playbooks and SOC documentation, and supporting the integrations and log sources associated with the overall Cyber Defence solution. This role will be based in the office on a hybrid work schedule and will oversee and manage a global team of resources.
Responsibilities
- Monitor our security tools to triage and respond to suspicious events and abnormal activities, and perform deep‑dive incident investigations.
- Serve as a point of escalation for the L1, L2, L3 SOC analysts, MSSP, and other vendors, coordinating response efforts with other groups and stakeholders with varying technical expertise, such as IT, Legal, business, etc.
- Stay current with evolving threats, vulnerabilities, tools, technologies and threat actor TTPs to help improve detection and response capabilities.
- Provide oversight and governance over the daily operations of the MSSP and SOC team at a global level.
- Mentor and provide training to junior SOC team members.
- Oversee the incident response process, ensuring rapid identification, containment, eradication, and recovery from security incidents.
- Develop and refine standard operating procedures, in the form of run books and playbooks, for incident response and threat detection, and drive ongoing improvements to them.
- Conduct technical analysis, log reviews, and assessments of cybersecurity incidents throughout the incident management lifecycle.
- Act as an Incident Commander during cybersecurity incidents working across incident confirmation, containment, and communicating to internal and external stakeholders.
- Work with end users, vendors, and MSSP where appropriate on security‑related incidents through closure.
- Manage and create incident reports, and identify improvements to detect and prevent similar incidents from occurring in the future.
- Document and manage…