Head of Cyber Security Operations (CSOC)

Head of Cyber Security Operations (CSOC) Exeter (Hybrid – 2 days onsite) Day Rate: £850 (Umbrella) / £616.61 (PAYE) SC Cleared  An enterprise government backed organisation is seeking a Head of Cyber Security Operations to define, build and lead its Cyber Security Operations Centre (CSOC). This is a critical leadership role, responsible for protecting the organisation against real-time cyber threats, driving incident response, and ensuring resilience across a complex technology estate. Our client is offering a 6 month rolling contract, paying up to £850 PD Inside IR 35 to start ASAP to be based in Exeter 2 days per week. This is a high-impact opportunity to shape cyber strategy at an enterprise level, working closely with senior stakeholders and external agencies to strengthen security posture and response capability. You will play a key role in building and evolving the CSOC capability, operating within a highly visible and business-critical function, with regular engagement across senior leadership and external partners. To be successful, you will hold active SC clearance and bring proven experience working within Central Government, the Public Sector, or highly regulated scientific environments. Key Responsibilities Define and lead the Cyber Security Operations Centre (CSOC), ensuring effective detection, response, and remediation of cyber incidents Own and continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability management, and proactive risk mitigation across the estate Lead the analysis of network traffic and behaviours, identifying threats and communicating insights to the wider business Define and manage cyber security operations strategy, aligned to organisational risk appetite and government guidance Manage stakeholders and external agencies, including regulatory bodies where required Identify and plan cyber investment requirements across tooling, governance, and team capabilityCore Experience Required Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence, vulnerability management, and remediation practices Knowledge of cyber frameworks and regulations including GDPR, NIS, and National Cyber Security Centre guidance Familiarity with frameworks such as MITRE ATT&CK and ITIL processes Experience operating within complex, regulated environments (e.g. public sector, financial services) Strong stakeholder management skills, with the ability to influence at senior level