SOC Manager - Operations

  • Renswoude, Nijborg 17
  • 32-40 uur per week

About the role
You may not have heard of us, but you'll know our brands! A.S. Watson is the world's largest international health and beauty retailer, with over 16.000 stores in 27 markets. Each year, over 5.3 billion customers and members shop with our well-known retail brands, both online and offline, including the likes of Kruidvat, Trekpleister, ICI Paris XL, Superdrug, The Perfume Shop, Marionnaud, Watson's, and many more.

At A.S. Watson, we fully understand the importance of cyber security. The world is more reliant on technology than ever before. It is essential to stay resilient against potential cyber threats or risks in an ever-changing world and environment. Cyber security threats have been a growing concern that should not be underestimated in recent years. The retail industry is often a desirable target for cybercriminals to retain precious customer information. All this needs to be protected from potential cyber threats, and that's where cyber security comes in. At A.S. Watson, our cyber security team strives to strengthen the cyber defense in the organization continuously. Our ultimate goal is to keep our organization safe and secure to enable employees and customers to work and conduct business in a safe environment. Are you helping us with protecting the company?

As a SOC Manager, you are part of the Group IT Function and primary responsibility for supporting Group IT Security with Global Cyber Security Operations activities under the Cyber Detection & Response Team. You will be accountable for the day-to-day management of the hybrid security operations team with the primary focus on SIEM Monitoring and Incident Response. They will provide a global service supporting the response to Cyber Security threats and continuous improvement of security monitoring and detection tools.

This role is expected to manage the security incident response escalation, operations reporting, process improvement, and participate in the strategic planning and operating model. You will report to the respective Global Senior Cyber Security Operations Manager and be under the Global Head of Cyber Security Operations strategic direction.

A typical day in this role includes

  • Manage day-to-day SOC operations;
  • Act as an escalation point for SOC team;
  • Coordinate the security incident response escalation;
  • Create and improve Management Reporting;
  • Create and maintain processes and procedures;
  • Assist in building use case logic and playbook; 
  • Day-to-day management of the SIEM platform;
  • Manage outsourced security vendor/service provider KPI and SLA;
  • Assist on the creation of various metrics, reporting, review of incident progress and compliance status;
  • Support Regional Security Operations to ensure the Security posture of business units are under the proper measure, monitor, and management.

SOC Incident response

  • Support the Incident Manager and Global Security Operations Team on incident management and remediation;
  • Manage critical and complex incidents;
  • Liaise with the Business IT Security Incident Coordinator on the remediation action items;
  • Assist in developing new ideas on how to improve the security Operations, Cyber Security Incident Response Process (CSIRP), handling guidelines and playbooks;
  • Where appropriate, work with the global SOC in the incident investigations.

Security Projects & Deployments

  •  Supports in the implementation of the SOC, its security tooling, and the resourcing.

What you'll get in return?

  • A job at a successful international company, that is constantly evolving. You'll never be bored!
  • An informal work environment;
  • You will be based at our office in Renswoude or Utrecht, but traveling within Europe is also involved (depending on the circumstances);
  • Competitive salary and benefits like travel allowance and a discount in your health insurance;
  • 30 days holiday with an option to buy More;
  • Excellent refer-a-friend scheme with up to € 1.000,00 up for grabs!
  • A fantastic learning and development offering to explore;
  • Discounts for you and your family from some our much-loved retailers in the Netherlands, including Kruidvat, Trekpleister and ICI Paris XL;
  • Lots of opportunities to get involved in wellbeing initiatives to support your physical and mental health;
  • …plus much More!  

This is you
This role would be a good fit for you if:

  • You like working in a dynamic and international environment;
  • You are resilient, pro-active, self-motivated with the ability to keep calm when working under pressure.

What you'll need:

  • Degree holder in Computer Science or related disciplines, or appropriate extensive experience;
  • At least seven years of experience in Information Security;
  • Experience in utilizing Splunk within a SOC and Incident Response environment;
  • Experienced with Endpoint/Network Detection and Response, preferably Microsoft MDE and Vectra NDR, is a big plus;
  • GIAC Cyber Security Cert or CISSP qualification is also a big plus;
  • A sound understanding and working experience of Security Orchestration and Response tooling;
  • Hands-on Cyber security incident management within a SOC environment; 
  • Excellent knowledge of the hacker tactics and techniques and cyber kill chain process;
  • Have a good understanding of the business, analytics, and data visualization;
  • Strong problem-solving skills and fast learner;
  • Solid experiences on Information Security Management System and IT Service management;
  • Broad knowledge of cyber security concepts including antivirus and malware protection, vulnerabilities, web and application security;
  • Solid support experiences of enterprise security tools such as SIEM, SOAR, EDR, Enterprise Anti-virus, Vulnerability Management, and other supporting tools;
  • Well experienced in security incident handling;
  • Experience in various ticketing tools and/or security incident management tools;
  • Liaison skill & teamwork, passion & commitment mentality;
  • Good interpersonal and communication skills;
  • Excellent communication skills in English.

We invite you to apply for this job via the apply button (‘solliciteer online’). By clicking on this button, you will be forwarded to this vacancy on our A.S. Watson Group Careerpage, where you are able to learn More about A.S. Watson Group.

Reisafstand naar je nieuwe baan?

Wil je weten hoe ver je moet lopen, fietsen of rijden naar je werk? Bereken hieronder je reistijd!

Wat is je reistijd

Wat is je reistijd?

Vul je postcode in, dan berekenen wij hoe lang je er over doet om fris op je werk te komen.

Wat is je reistijd?

Zet deze lekkere Spotify Playlist op onderweg,
dan ben je er zo.

Solliciteren bij A.S. Watson Benelux in 5 stappen

Als je gaat solliciteren bij A.S. Watson Benelux wil je natuurlijk weten wat je kunt verwachten. Ons sollicitatieproces bestaat uit 5 stappen:

01. 01.


Solliciteer online via de button in een vacaturetekst. Je hoeft alleen je gegevens in te vullen en je cv en eventueel je motivatiebrief te uploaden.

02. 02.


De Recruiter bekijkt en beoordeelt je sollicitatie. Je krijgt telefonisch of via e-mail een reactie.

03. 03.


Als we je sollicitatie interessant vinden, nodigen we je uit voor een kennismakingsgesprek.

04. 04.


Voor sommige functies zullen we je vragen om een (online) assessment in te vullen of deel te nemen aan een dag assessment.

05. 05.

Aan de slag!

Zijn wij na de gesprekken enthousiast en jij ook? Dan kun je zo snel mogelijk aan de slag!

SOC Manager - Operations ... iets voor jou?

  • Renswoude, Nijborg 17
  • 32-40 uur per week