The Role:
Detego Global is on the lookout for a SOC Subject Matter Expert to join our Product Management team.
We are looking for a mid to senior SOC analyst with extensive operational experience who is ready to transition into a product-focused role. You will be the voice of the SOC development team, translating deep operational security experience into product requirements and strategic direction for advanced SOC command and control tools. You will work closely with product managers, engineers, UX designers, and customers to ensure our products solve real analyst challenges and improve SOC efficiency and effectiveness.
This role will provide the right candidate with the opportunity to work on some extremely rewarding projects supporting the development of impactful security operations software while working with a friendly and supportive team.
The role has a strong opportunity for growth and will play an integral role in helping shape the future of SOC products and security operations tools.
Reports to: Senior Product Manager
Place of Work: Hybrid Remote/Office in Horsham
Compensation: £55,000-£70,000 PA (negotiable depending on experience)
Responsibilities and Duties:
The SOC Subject Matter Expert role requires a professional who combines extensive SOC operational experience with strategic product thinking to bridge the gap between security operations needs and product development.
They will be responsible for providing expert SOC operational guidance throughout the product development lifecycle, defining system-level requirements, and ensuring our products genuinely address the challenges faced by SOC analysts in real-world environments.
Their primary responsibility lies in translating SOC analyst pain points, workflows, and use cases into actionable product features, with particular focus on alert/incident prioritisation and intelligent playbook execution that helps analysts make critical security decisions.
Their responsibilities will include:
- Providing expert SOC operational guidance to product management and engineering teams throughout the product development lifecycle
- Defining and documenting detailed system-level requirements for SOC analyst tools, ensuring alignment with real-world operational needs
- Translating SOC analyst pain points, workflows, and use cases into actionable product features and user stories
- Designing and validating alert prioritisation algorithms, incident triage workflows, and automated playbook logic based on operational experience
- Collaborating with product managers to shape product strategy, roadmap priorities, and feature definitions
- Conducting customer discovery sessions, interviews, and workshops with SOC teams to gather requirements and validate concepts
- Creating realistic user personas, journey maps, and workflow diagrams that represent authentic SOC analyst experiences
- Evaluating competitive SOC tools and industry trends to inform product differentiation and innovation opportunities
- Participating in proof-of-concept development to validate new features addressing critical analyst decision-making challenges
- Working with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns
- Providing technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices
- Supporting go-to-market activities by creating technical content, conducting product demonstrations, and engaging with prospective customers
- Mentoring and educating internal teams on SOC operations, threat landscapes, and analyst workflows
- Ensuring product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models
Customer & Pre-Sales Enablement:
- Act as a trusted SOC and cyber defence expert in customer meetings, workshops, and solution design sessions
- Support pre-sales engagements by articulating operational value, use cases, and real-world applicability
- Deliver product demonstrations and technical briefings tailored to SOC practitioners, security leaders, and decision-makers
- Translate complex SOC workflows and technical concepts into clear, compelling narratives for customers and stakeholders
- Support go-to-market activities through technical content creation, presentations, and customer engagement
Skills and Experience:
- Minimum 6 years of hands-on experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead
- Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management
- Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack
- Strong knowledge of threat detection methodologies, alert correlation, and incident prioritisation frameworks
- Expert-level understanding of MITRE ATT&CK framework and its practical application in SOC operations
- Proven ability to identify operational inefficiencies and translate them into product improvement opportunities
- Experience developing or optimising SOC playbooks, runbooks, and standard operating procedures
- Excellent communication skills with ability to articulate complex security concepts to both technical and business audiences
- Strong analytical and strategic thinking capabilities
- Understanding of common attack patterns, threat actor TTPs, and the evolving threat landscape
- Ability to balance ideal security outcomes with practical operational constraints and business realities
- Strong problem-solving skills and willingness to roll up one’s sleeves to get the job done
- Skilled at working effectively with cross-functional teams in a matrix organisation
Desirable:
- 8+ years of progressive SOC experience including team leadership or senior analyst responsibilities
- Experience in Tier 2 or Tier 3 SOC roles with incident response and threat hunting responsibilities
- Previous involvement in SOC tool evaluation, selection, or implementation projects
- Experience with security automation, SOAR platforms, or playbook development
- Experience working with or partnering with SOC/SIEM/EDR vendors and MSSP (Managed Security Service Provider) vendors
- Familiarity with product management principles, agile methodologies, or requirements gathering processes
- Experience presenting to executive leadership or external stakeholders
- Knowledge of multiple SIEM platforms (Splunk, QRadar, Sentinel, Chronicle, etc.) and their operational strengths/weaknesses
- Understanding of SOC metrics, KPIs, and performance measurement frameworks
- Security certifications (e.g., GCIH, GCIA, GCFA, CISSP, GMON) demonstrating advanced security operations expertise
- Experience working in regulated industries or with compliance-driven security operations
- Bachelor’s degree in cybersecurity, information technology, or related field
We’re happy to consider flexible working, with some days of the week working from home, and to discuss accommodating your personal circumstances for work/life balance
Application Process:
To apply, please send your CV and a cover letter outlining your relevant experience and interest in the role to hr@detegoglobal.com. Applications will be reviewed on a rolling basis, so early applications are encouraged.
Join us and play a pivotal role in driving innovation and excellence in the field of digital forensics!