Back to search results

SOC Manager - Operations

Apply Apply

Apply for this role today

Join our amazing team with us today to start your new career


Who we are:
You may not have heard of us, but you'll know our brands! A.S. Watson is the world's largest international health and beauty retailer, with over 16.000 stores in 27 markets. Each year, over 5.3 billion customers and members shop with our well-known retail brands, both online and offline, including the likes of Kruidvat, Trekpleister, ICI Paris XL, Superdrug, The Perfume Shop, Marionnaud, Watson's, and many more.

At A.S. Watson, we fully understand the importance of cyber security. The world is more reliant on technology than ever before. It is essential to stay resilient against potential cyber threats or risks in an ever-changing world and environment. Cyber security threats have been a growing concern that should not be underestimated in recent years. The retail industry is often a desirable target for cybercriminals to retain precious customer information. All this needs to be protected from potential cyber threats, and that's where cyber security comes in. At A.S. Watson, our cyber security team strives to strengthen the cyber defense in the organization continuously. Our ultimate goal is to keep our organization safe and secure to enable employees and customers to work and conduct business in a safe environment. Are you helping us with protecting the company?

As a SOC Manager, you are part of the Group IT Function and primary responsibility for supporting Group IT Security with Global Cyber Security Operations activities under the Cyber Detection & Response Team. You will be accountable for the day-to-day management of the hybrid security operations team with the primary focus on SIEM Monitoring and Incident Response. They will provide a global service supporting the response to Cyber Security threats and continuous improvement of security monitoring and detection tools.

This role is expected to manage the security incident response escalation, operations reporting, process improvement, and participate in the strategic planning and operating model. You will report to the respective Global Senior Cyber Security Operations Manager and be under the Global Head of Cyber Security Operations strategic direction.

A typical day in this role includes:

  •  Manage day-to-day SOC operations;
  • Act as an escalation point for SOC team;
  • Coordinate the security incident response escalation;
  • Create and improve Management Reporting;
  • Create and maintain processes and procedures;
  • Assist in building use case logic and playbook; 
  • Day-to-day management of the SIEM platform;
  • Manage outsourced security vendor/service provider KPI and SLA;
  • Assist on the creation of various metrics, reporting, review of incident progress and compliance status;
  • Support Regional Security Operations to ensure the Security posture of business units are under the proper measure, monitor, and management.

SOC Incident response

  • Support the Incident Manager and Global Security Operations Team on incident management and remediation;
  • Manage critical and complex incidents;
  • Liaise with the Business IT Security Incident Coordinator on the remediation action items;
  • Assist in developing new ideas on how to improve the security Operations, Cyber Security Incident Response Process (CSIRP), handling guidelines and playbooks;
  • Where appropriate, work with the global SOC in the incident investigations.

Security Projects & Deployments

  •  Supports in the implementation of the SOC, its security tooling, and the resourcing.

This role would be a good fit for you if:

  •  You like working in a dynamic and international environment;
  • You are resilient, pro-active, self-motivated with the ability to keep calm when working under pressure.

What you'll need:

  •  Degree holder in Computer Science or related disciplines, or appropriate extensive experience;
  • At least seven years of experience in Information Security;
  • Experience in utilizing Splunk within a SOC and Incident Response environment;
    Experienced with Endpoint/Network Detection and Response, preferably Microsoft MDE and Vectra NDR, is a big plus;
  • GIAC Cyber Security Cert or CISSP qualification is also a big plus;
  • A sound understanding and working experience of Security Orchestration and Response tooling;
  • Hands-on Cyber security incident management within a SOC environment; 
  • Excellent knowledge of the hacker tactics and techniques and cyber kill chain process;
  • Have a good understanding of the business, analytics, and data visualization;
  • Strong problem-solving skills and fast learner;
  • Solid experiences on Information Security Management System and IT Service management;
  • Broad knowledge of cyber security concepts including antivirus and malware protection, vulnerabilities, web and application security;
  • Solid support experiences of enterprise security tools such as SIEM, SOAR, EDR, Enterprise Anti-virus, Vulnerability Management, and other supporting tools;
  • Well experienced in security incident handling;
  • Experience in various ticketing tools and/or security incident management tools;
  • Liaison skill & teamwork, passion & commitment mentality;
  • Good interpersonal and communication skills;
  • Excellent communication skills in English.

What you'll get from us:

  •  A job at a successful international company, that is constantly evolving. You'll never be bored!
  • An informal work environment;
  • You will be based at our office in Renswoude or Utrecht, but traveling within Europe is also involved (depending on the circumstances);
  • Competitive salary and benefits like travel allowance and a discount in your health insurance;
  • 30 days holiday with an option to buy More;
  • Excellent refer-a-friend scheme with up to € 1.000,00 up for grabs!
  • A fantastic learning and development offering to explore;
  • Discounts for you and your family from some our much-loved retailers in the Netherlands, including Kruidvat, Trekpleister and ICI Paris XL;
  • Lots of opportunities to get involved in wellbeing initiatives to support your physical and mental health;
  • …plus much More!  


Nijborg 17,Renswoude,Utrecht,3297 DA


Apply now to become part of more

By joining us, you will be part of More than just a health and beauty retail group. You’ll become part of an organisation which is well-recognised all over the world.