Managing Consultant - SOC Services

Location: Remote UK, United Kingdom

Thales people architect identity management and data protection solutions at the heart of digital security. Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more. More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure.

Together we offer fantastic opportunities for committed employees to learn and develop their career with us. At Thales UK, we research, develop, and supply technology and services that impact the lives of millions of people each day to make life better, and keep us safer. We innovate across the major industries of Aerospace, Defence, Security and Space. Your health and well-being matters to us and that’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, home working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions.

Job Title: Managing Consultant – SOC Services

Base location: Remote UK

Our opportunity

As a SOC Services Managing Consultant at Thales, you will lead and oversee critical initiatives aimed at enhancing our clients’ Security Operations Centre (SOC) capabilities. Your primary responsibility will be to build strong, collaborative relationships with clients while providing expert guidance on strategic SOC management, operations, and security incident response. You will oversee project teams, ensuring successful delivery of high-quality consulting services that drive performance, efficiency, and security posture improvements.

Key Responsibilities and Tasks

Business Development

• Develop product and service roadmaps for Thales’ Security Operations Centre capability.

• Define the go-to-market strategy for all Security Operations Centre services across all customer domains.

• Work with the sales team to engage new customers across all market sectors.

• Support business development efforts, including proposal writing, presentations, and building the pipeline for future consulting projects.

• Manage accounts with key customers.

Capability Development across Thales UK and Thales globally

• Manage a team of consultants and analysts, providing mentorship, support, and guidance to foster professional growth and development.

• Coordinate skills and competencies with all of the global Thales entities with Security Operations Centre staff in country.

• Share knowledge across the global resources.

• Manage multi-national programmes utilising in-country resources.

Client Engagement and Strategy Development:

• Lead SOC consulting engagements by defining project scope, objectives, and deliverables, ensuring alignment with client needs and expectations.

• Conduct comprehensive assessments of clients’ existing SOC operations and capabilities to identify operational gaps and areas for improvement.

• Produce actionable reports and presentations for clients, summarizing findings, recommendations, and strategic opportunities for improvement.

• Cultivate strong relationships with key stakeholders, facilitating communication between technical teams and management to ensure alignment and understanding of security objectives.

• Serve as the primary advisor to clients on matters related to cybersecurity and Security Operations Centre services.

• Understand clients’ business objectives, SOC environments, and cybersecurity challenges to tailor recommendations effectively.

Governance and Compliance

• Work with customers to define and implement Cyber Security Operations capabilities within their organisations.

• Assists customers in the routine application and interpretation of SOC security legislation, standards, policies and practices.

Risk Assessment and Vulnerability Analysis:

• Perform thorough assessments of clients’ SOC systems, identifying security gaps, and vulnerabilities.

• Conduct risk analyses to determine potential impacts on operations and prioritize areas for improvement.

Strategic Recommendations and Solutions:

• Develop and implement tailored SOC strategies, frameworks, and processes that align with industry best practices and organizational goals.

• Recommend and design tailored cybersecurity solutions that integrate with existing SOC infrastructure.

Implementation Oversight:

• Guide and support the implementation of cybersecurity measures, including technology solutions, policy changes, and procedural enhancements.

• Ensure that new systems and processes are integrated smoothly and effectively into the client's operational environment.

Incident Response and Recovery Planning:

• Oversee incident response strategies, including the establishment of playbooks, workflows, and escalation procedures to improve response times and overall effectiveness.

• Collaborate with clients to enhance threat detection, response, and reporting mechanisms, ensuring they are equipped to mitigate evolving cybersecurity risks.

• Provide guidance on managing and recovering from cybersecurity incidents to minimize downtime and operational impact.

Training and Capacity Building:

• Deliver training sessions and workshops to client teams on cybersecurity best practices and SOC management.

• Enhance client knowledge and readiness through educational initiatives and hands-on support.

Continuous Monitoring and Improvement:

• Stay informed of the latest trends, technologies, industry best practices and regulatory requirements affecting SOC operations to provide clients with up-to-date advice and insights.

• Recommend continuous improvements and adjustments to clients’ cybersecurity strategies based on emerging trends and evolving threats.

Documentation and Reporting:

• Prepare detailed reports documenting assessments, recommendations, and implementation progress.

• Communicate findings and recommendations clearly to stakeholders, ensuring transparency and understanding.

Skills and Expertise

• A degree or equivalent in related control systems or cyber security.

• GIAC GSOC / GCFA certification or equivalents.

• At least 5 years’ experience in Security Operations Centre environment, with a minimum of 3 years in a management role.

• Deep understanding of cybersecurity principles, frameworks, and best practices as they apply to SOC environments.

• Hands-on knowledge of SIEM platforms and technologies, such as Splunk, QRadar, Google, LogRhythm and SolarWinds.

• Solid understanding of EDR, MDR and XDR technologies and processes.

• Extensive experience of integrating Threat Intelligence, Automation tools and AI capability into SOC environments.

• Strong analytical skills with the ability to evaluate complex technical issues and devise effective solutions.

• Excellent communication and presentation skills, with the capability to convey technical concepts to non-technical stakeholders.

• Demonstrated project management abilities, with experience handling multiple projects and meeting deadlines.

• Understanding of SOC / SIEM configurations and possesses the ability to test, diagnose, configure and maintain SOC systems.

• Produce security architecture design documents that have been created through an analysis of the potential risks, which has taken into account threats and likely attack routes to a system and produces pragmatic security controls.

• Selection of appropriate security components to provide security-enforcing functions that can be justified through the evaluation of component's security function and implementation

• Demonstrate a working knowledge of the Policies and Standards that are required for systems operating in a controlled environment, such as ISO, industry specific for Nuclear / CNI / transportation or government/department policies.

• Ability to analyse information and produce reports, network diagrams and recommendations on how to improve security monitoring and detection.

• Ability to plan, control, report and manage the risk for a defined package of work to ensure delivery of on-time, budget and quality products.

This role will require SC Clearance. It would be advantageous if currently held, however, if not currently held, it is a requirement that the successful applicant will undergo, achieve, and maintain SC Clearance.  Please visit the UKSV website for further guidance.

To be eligible for full SC, you generally need to have resided in the UK for the last 5 years.  In some circumstances, a minimum of 3 years’ residence in the UK over the last 5 years may be accepted, with additional overseas checks.

For further details of the evidence required to apply for Baseline and Security Clearance please refer to the National Security Vetting (NSV) Agency - United Kingdom Security Vetting - GOV.UK (www.gov.uk)

#LI-VJ1

In line with Thales' Baseline Security requirements, candidates will be asked to provide evidence of identity, eligibility to work in the UK and employment and/or education history for up to three years. Some vacancies may require full Security Clearance which can require further evidence to be provided. For further details of the evidence required to apply for Baseline and Security Clearance please refer to the Defence Business Services National Security Vetting (DBS NSV) Agency.

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working.

Thales UK is committed to providing an inclusive and barrier-free recruitment process. We will provide reasonable adjustments and support to ensure neuro-diverse applicants or those with a disability or long-term condition can be their best during the recruitment process. To request an adjustment, if you need this job advert in an alternative format or if you have any questions about the recruitment process, please contact Resourcing Ops for mid to senior roles, or the Early Careers Team for graduate and apprentice roles.

Great journeys start here, apply now!