General information

Job Title
Lead Security Ops Manager
Ref #
9315
Location
Edinburgh
Department
IMS - Technology Leadership
Business Area
Technology
Working time
Full-Time
Date Published
01-08-2025

Serving our customers, communities, and planet a little better every day.

Job Title: Lead Security Ops Manager.

Work Level - 2

Location: Hybrid (Edinburgh/Glasgow/Newcastle-based)

Reporting To: Lead Senior Manager Security Operations


We deal in the personal – from pet insurance for your best friend, and home insurance for peace of mind, to motor insurance for your dream car or travel money for that trip you’ve worked hard for. And that means we always work with heart. Whether we’re helping our customers or looking after our people, you’ll find there’s a warmth and friendliness to everything we do.


Role Purpose:

The SOC Lead will be responsible for overseeing the performance and effectiveness of the outsourced Security Operations Centre (SOC). This role ensures that the third-party provider delivers robust security monitoring, incident response, threat hunting, and log management services. The SOC Lead will drive continuous improvement in detection capabilities, ensure alignment with business risk, and act as the key interface between internal stakeholders and the SOC provider.


Key Responsibilities:

SOC Oversight & Governance

• Act as the primary point of contact for the outsourced SOC provider.

• Monitor and report on SOC performance, ensuring adherence to SLAs and KPIs.

• Conduct regular service reviews and ensure continuous improvement initiatives are implemented.


Security Incident Response

• Oversee the incident response process, ensuring timely triage, escalation, and resolution of security incidents.

• Validate incident reports and ensure appropriate root cause analysis and remediation.

• Coordinate internal stakeholders during major incidents and post-incident reviews.


Use Case Development

• Collaborate with the SOC provider to define and refine detection use cases based on evolving threats and business needs.

• Ensure use cases are aligned with the threat landscape and regulatory requirements.

• Review and approve detection logic and tuning recommendations.


Threat Hunting

• Oversee proactive threat hunting activities conducted by the SOC.

• Ensure threat hunts are hypothesis-driven and informed by threat intelligence and business context.

• Review findings and ensure appropriate follow-up actions are taken.


SOC Processes & Playbooks

• Review and enhance SOC processes, workflows, and response playbooks.

• Ensure documentation is up-to-date and reflects current threat scenarios and business operations.

• Promote consistency and quality in SOC operations.


Log Onboarding & Visibility

• Manage the onboarding of new log sources into the SOC monitoring environment.

• Ensure log data is complete, timely, and relevant for detection and investigation.

• Work with internal teams and the SOC provider to resolve data quality or integration issues.


Key Skills & Experience:

• Strong experience in a SOC environment, ideally in a lead or oversight role.

• Deep understanding of security monitoring, SIEM/SOAR platforms, and incident response.

• Experience working with or managing third-party SOC providers.

• Familiarity with log management, threat hunting methodologies, and detection engineering.

• Knowledge of regulatory and compliance requirements relevant to the UK insurance sector.

• Experience with Endpoint Detection and Response (EDR) tools and their integration into SOC workflows.


Desirable Qualifications:

• Certifications such as GCIA, GCIH, GCFA, CISSP, or similar.

• Experience with cloud-native security monitoring (e.g., Azure Sentinel, AWS GuardDuty).

• Familiarity with MITRE ATT&CK, NIST CSF, or similar frameworks.


Personal Attributes:

• Strong analytical and critical thinking skills.

• Excellent communication and stakeholder engagement abilities.

• Proactive, detail-oriented, and able to work independently.


What’s in it for you?

• Prepare for your retirement with our colleague pension scheme.

• Private Healthcare for WL2 and Virtual GP Service for you and your family 365 days a year.

• Performance related annual bonus.

• Indulge in a generous holiday allowance with a minimum of 7.2 weeks, with the opportunity to buy holiday.

• Embrace the benefits of our Colleague Clubcard, enjoy a 10% discount that increase to 15% every payday. As an added perk, we’ll give you a second card to share with someone else.

• Green Car Leasing Scheme.

• Critical Illness cover.

• Benefit from our family-oriented initiatives, encompassing enhanced maternity leave pay, a shared parental leave policy, and a generous 8-week paid paternity leave.

• A place to get on - take advantage of our ongoing learning opportunities and award-winning training, to help you achieve the job and career you want.

• Take part in our Buy as you Earn and Save as you Earn share schemes.


Everyone’s welcome

We want all our colleagues to always feel welcome and be themselves. We’re committed to building a more inclusive workplace and celebrating everything that makes colleagues unique, and value the richness and diversity this brings to our business. A more diverse business helps us deliver on our purpose to serve our customers, communities, and planet a little better every day.

We also know the importance of balancing work with life’s other commitments. Please talk to us at interview about the flexibility you need, as we’re committed to exploring part time and flexible working opportunities, at every level of the organisation.


Interviews - August 2025.


Why Tesco Insurance and Money Services?

Seeing your impact all around you: there's no better feeling.

Lucky for us, we get to feel it all the time. Because whatever our role, we're helping our colleagues and serving our customers, communities and planet a little better every day.

We deal in the personal – from pet insurance for your best friend, and home insurance for peace of mind, to motor insurance for your dream car or travel money for that trip you’ve worked hard for.

Everything we do is about making things better. Not just for others, but for you too. It's why you'll get bags of choice and plenty of development. It's why you'll always be heard and find balance that works for you. It's why you'll feel totally at home in a place where everyone's welcome.

So, if you want a career where you can do good and feel good, you've found it.

Let's make everyday a little better.

Our story

Making Insurance and Money Services more rewarding and offering great value and choice - because we know little wins can make a big difference.

We began life in 1997 and now help more than 2 million customers protect what matters to them.

We want to deliver a helpful service in everything we do and to make life easier for our customers. Our policies are really easy to manage online for our customers, but we know that being able to speak to our customer service staff when you need to is really important. This is why our customer service centres are open seven days a week.

Delivering great customer service means having great people behind the scenes – people who understand our customers and are driven by doing the right thing for them. We offer colleagues a place where they can feel totally at home in a place where everyone's welcome, where they can be part of a great team focused on making a real difference for our customers.

How to apply

We value our people and diverse teams and believe the variety of backgrounds and experiences make us stronger to achieve our goals.

Our colleagues are working hybrid, taking time to meet with colleagues in our offices for moments that matter, such as team catch ups, planning meetings and more. If you’re interested in finding out more about what a career at Tesco Insurance and Money Services looks like, click apply to find out more!
Back to job list