The role:
Detego Global is on the lookout for a SOC Subject Matter Expert to join our Product Management team.
We are looking for a mid-to-senior SOC analyst with extensive operational experience who is ready to step into a product-facing role. You will be the voice of the SOC within the development team, translating your deep security operations experience into product requirements and strategic guidance for advanced SOC command and control tooling. You will work closely with product managers, engineers, user experience (UX) designers and customers to ensure our products solve the real challenges analysts face and improve SOC efficiency and effectiveness.
This role will provide the right candidate with the opportunity to work on some extremely rewarding projects supporting the development of impactful security operations software while working with a friendly and supportive team.
The role has a strong opportunity for growth and will play an integral role in helping shape the future of SOC products and security operations tools.
Reports to: Senior Product Manager
Place of Work: Hybrid Remote/Office in Horsham
Compensation: £55,000-£70,000 PA (negotiable depending on experience)
Responsibilities and duties:
The SOC Subject Matter Expert role requires a professional who combines extensive SOC operational experience with strategic product thinking to bridge the gap between security operations needs and product development.
They will be responsible for providing expert SOC operational guidance throughout the product development lifecycle, defining system-level requirements, and ensuring our products genuinely address the challenges faced by SOC analysts in real-world environments.
Their primary responsibility lies in translating SOC analyst pain points, workflows, and use cases into actionable product features, with particular focus on alert/incident prioritisation and intelligent playbook execution that helps analysts make critical security decisions.
Your responsibilities will include:
Providing expert SOC operational guidance to product management and engineering teams throughout the product development lifecycle
Defining and documenting detailed system-level requirements for SOC analyst tools, ensuring alignment with real-world operational needs
Translating SOC analyst pain points, workflows, and use cases into actionable product features and user stories
Designing and validating alert prioritisation algorithms, incident triage workflows, and automated playbook logic based on operational experience
Collaborating with product managers to shape product strategy, roadmap priorities, and feature definitions
Conducting customer discovery sessions, interviews, and workshops with SOC teams to gather requirements and validate concepts
Creating realistic user personas, journey maps, and workflow diagrams that represent authentic SOC analyst experiences
Evaluating competitive SOC tools and industry trends to inform product differentiation and innovation opportunities
Participating in proof-of-concept development to validate new features addressing critical analyst decision-making challenges
Working with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns
Providing technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices
Supporting go-to-market activities by creating technical content, conducting product demonstrations, and engaging with prospective customers
Mentoring and educating internal teams on SOC operations, threat landscapes, and analyst workflows
Ensuring product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models
Customer & Pre-Sales Enablement
Act as a trusted SOC and cyber defence expert in customer meetings, workshops, and solution design sessions
Support pre-sales engagements by articulating operational value, use cases, and real-world applicability
Deliver product demonstrations and technical briefings tailored to SOC practitioners, security leaders, and decision-makers
Translate complex SOC workflows and technical concepts into clear, compelling narratives for customers and stakeholders
Support go-to-market activities through technical content creation, presentations, and customer engagement
Skills and experience:
- Minimum 6 years of hands-on experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead
- Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management
- Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack
- Strong knowledge of threat detection methodologies, alert correlation, and incident prioritisation frameworks
- Expert-level understanding of MITRE ATT&CK framework and its practical application in SOC operations
- Proven ability to identify operational inefficiencies and translate them into product improvement opportunities
- Experience developing or optimising SOC playbooks, runbooks, and standard operating procedures
- Excellent communication skills with ability to articulate complex security concepts to both technical and business audiences
- Strong analytical and strategic thinking capabilities
- Understanding of common attack patterns, threat actor TTPs, and the evolving threat landscape
- Ability to balance ideal security outcomes with practical operational constraints and business realities
- Strong problem-solving skills and willingness to roll up one’s sleeves to get the job done
- Skilled at working effectively with cross-functional teams in a matrix organisation
Desirable:
8+ years of progressive SOC experience including team leadership or senior analyst responsibilities
Experience in Tier 2 or Tier 3 SOC roles with incident response and threat hunting responsibilities
Previous involvement in SOC tool evaluation, selection, or implementation projects
Experience with security automation, SOAR platforms, or playbook development
Experience working with or partnering with SOC/SIEM/EDR vendors and MSSPs (Managed Security Service Providers)
Familiarity with product management principles, agile methodologies, or requirements gathering processes
Experience presenting to executive leadership or external stakeholders
Knowledge of multiple SIEM platforms (Splunk, QRadar, Sentinel, Chronicle, etc.) and their operational strengths/weaknesses
Understanding of SOC metrics, KPIs, and performance measurement frameworks
Security certifications (e.g., GCIH, GCIA, GCFA, CISSP, GMON) demonstrating advanced security operations expertise
Experience working in regulated industries or with compliance-driven security operations
Bachelor’s degree in cybersecurity, information technology, or related field
We’re happy to consider flexible working, with some days of the week working from home, and to discuss accommodating your personal circumstances for work/life balance
Application process:
To apply, send your CV and a cover letter describing your relevant experience and your interest in the role to hr@detegoglobal.com. Applications will be reviewed as they are received, so we encourage you to apply as early as possible.
Join us and play a pivotal role in driving innovation and excellence in the field of digital investigations!