Admiral Group Plc

Head of Security Monitoring and Threat Hunting

Hybrid

Cardiff, United Kingdom

Senior

Full Time

09-03-2026


Skills

Communication, Leadership, Monitoring, Stakeholder Management, Coaching

Job Specifications

The Head of Security Monitoring and Threat Hunting is accountable for the leadership, performance, and continuous improvement of the Security Operations Centre (SOC), across 3 countries (UK, India and Canada) delivering a resilient 24/7 cyber defence capability for a global organisation.

This role provides strategic and operational leadership across SOC operations, investigations, detection improvement, and automation. You would be responsible for developing a proactive, intelligence-led SOC that balances SLA performance with high-quality investigations and measurable risk reduction.

The role requires a visionary leader with strong people management skills, deep operational SOC experience, and a proven track record of modernising SOC capabilities through automation and AI.

Leadership Profile

Visionary, risk-focused SOC leader with strong operational discipline.
People focused leader with a track record of developing high-performing teams.
Strategic thinker capable of translating vision into successful outcomes.
Calm and decisive in high-pressure scenarios.

Key Responsibilities

SOC Operations & Service Delivery

Manage the delivery of a global, follow-the-sun SOC operation aligned to enterprise risk and business priorities.
Own SOC KPIs, SLAs, and quality metrics, ensuring performance targets are met without compromising investigation depth.
Ensure robust triage, escalation, and handover processes are consistently applied.
Maintain strong governance, documentation, and audit readiness.
Own the continuous tuning and optimisation of detection rules to reduce false positives and improve signal quality.

Leadership & People Management

Provide line management, direction, and coaching to SOC Leads, ensuring consistent operational standards across all shifts.
Set clear objectives, performance measures, and development plans for SOC Leads.
Build a high-performing, resilient SOC culture focused on professionalism, accountability, and continuous improvement.
Ensure effective workforce planning, shift coverage, and succession planning within a 24/7 operating model.
Work with other cross functional leaders/teams to implement efficient business processes and support the overall maturity of the Cyber function.

Proactive Investigations & Threat Hunting

Establish and embed a proactive investigation and threat hunting capability.
Drive a shift from reactive alert handling to proactively driven investigations.
Oversee case quality, root cause analysis, and post-incident reviews.

AI, Automation & SOC Transformation

Lead the implementation and operational adoption of AI-driven triage and SOAR automation.
Automate low-level case handling and enrichment to reduce analyst workload and improve efficiency.
Improve MTTD and MTTR while maintaining appropriate controls and oversight.

Strategy, Governance & Continuous Improvement

Define and deliver a SOC maturity and capability roadmap aligned to enterprise cyber strategy and UK regulatory expectations.
Track emerging threats, technologies, and industry best practice to continuously evolve the SOC.

Required Experience & Skills

4+ years proven experience managing a 24/7 SOC within a large enterprise environment.
Demonstrated line management experience of SOC Leads and Analysts.
Strong background in security investigations, triage, and escalation.
Experience leading or establishing proactive threat hunting.
Practical experience implementing AI, SOAR, and automation within SOC operations.
Understanding of modern threat actor tradecraft.
Ability to balance SLA performance with investigation quality and analyst wellbeing.
Strong stakeholder management and executive communication skills.
Experience operating in regulated UK environments (e.g. financial services).
Experience delivering SOC maturity transformation.

Desirable Qualifications

CISSP, CISM, or GIAC certifications (GCIA, GCIH, GCED).

Admiral: Where You Can

We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We’re committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.

Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.

We’re proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We’re fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of th

About the Company

We're Wales’ only FTSE 100 company with forward-thinking approaches and endless opportunities to test, learn and grow. There's a reason we've been named one of the best places to work in the UK: our progressive culture, core values, and commitment to diversity and inclusion have created a working environment where people share ideas, aren’t afraid to speak up and change things, and above all, feel valued. Based on innovation and organic growth Admiral has grown from being a small start-up into one of the largest car insu...