SOC Principal - Threat Operations

Desired skills: SOC-principal, Threat-operations, Incident-response, Threat-hunting, Detection-engineering, SIEM-EDR

Location: Ireland
Type: Full-Time
Salary: €105,000 - €135,000

A mature security operations function is adding a senior technical lead to sit at the centre of threat operations.
This role exists to raise the bar on investigations, detection quality, and how complex threats are handled once they surface.
It's not a people-management-heavy position - it's a hands-on authority role for someone trusted to make the hard calls when signals are unclear and stakes are high.
The environment blends managed services scale with deep technical ownership, requiring someone comfortable moving between investigation, hunting, and strategic improvement work.

The Role

You'll act as the senior escalation point for complex and ambiguous threats, guiding investigations that don't follow playbooks neatly.
Alongside this, you'll shape how the SOC detects, validates, and responds to advanced activity - working closely with detection engineering, threat intelligence, and incident response to close gaps and mature capability.
This is a role for someone who enjoys being inside the problem: validating alerts, challenging assumptions, refining logic, and quietly raising standards across the operation.

Key Responsibilities

- Lead investigations into high-severity or unclear threat activity escalated from the SOC
- Validate detections for technical accuracy, context, and real-world impact
- Drive proactive threat hunting using behavioural indicators, intelligence, and anomaly patterns
- Identify detection gaps and work with engineering teams to improve coverage and fidelity
- Act as the technical escalation point for senior analysts during complex cases
- Mentor analysts through investigations, not just outcomes
- Contribute to playbooks, investigative standards, and detection lifecycle improvements
- Support post-incident reviews and ensure lessons learned feed back into operations
- Collaborate across threat intel, detection engineering, and IR teams to strengthen end-to-end response
- Represent threat operations expertise in internal reviews and selected client discussions

Skills