Paul Clayton is a SOC manager at Airbus Protect’s Newport campus. With five years’ experience in the role, he has a wealth of expertise. Some of which he’s passing on to his daughter Heather, who joined Airbus Protect in 2022 as a project controller.
We sat down with Paul to learn more about his career trajectory – from the military to cybersecurity – and to get his top tips for anyone thinking of applying to our open SOC jobs at Airbus Protect.
First up, we have to ask, what’s it like to work alongside a family member?
Enjoyable. Heather is new to this kind of work, so it’s good that I’m there to offer her a helping hand when she comes across the hundreds of three-word acronyms we use daily.
There’s a lot of jargon to get to grips with when you start working in cyber. But it’s all part of the challenge – every day in this job is different!
Can you explain your path to becoming a SOC manager?
It started when I was still in the military. In the summer of 2005, I was posted to the UK’s Joint Cyber Unit, which was responsible for the protective monitoring of military networks. I ended up staying for three years to train and work shifts, and for a final year as a shift supervisor.
After this, I took off my uniform and walked across the Ministry of Defence’s Global Operations Security Control Centre (GOSCC) floorplate to join Airbus as a shift analyst – where I stayed for four years. My next role was as a contractor for NATO’s Computer Incident Response Capability Technical Centre in the Supreme Headquarters Allied Powers Europe (SHAPE) in Belgium.
In April 2014, I returned to Airbus as a contractor working in the GOSCC, first as an analyst and then as a cyber engineer. Finally, in the summer of 2017, I was asked to take over as the SOC manager of both the military and commercial SOC. I accepted the role and have been in the post since.
What does a typical day consist of for you?
Firstly, making sure that there are enough staff working to provide the protective monitoring solution that our customers pay for. This is crucial to meeting the SLAs and KPIs in our contracts. Linked to this, I ensure that all personnel are inputting their hours correctly – both accurately and on time.
In a typical day, I also run or join several calls with both our first line managers and our customers.
Lastly, I always have one eye on the personal development of the team, as this is crucial to ensuring we have the right skills in place.
Why did you choose to specialise in cybersecurity – particularly the SOC?
As I mentioned, it all goes back to my days in the military, when I was posted to the Joint Cyber Unit and trained to become a cybersecurity analyst.
After starting the role and carrying out training, I realised that I really enjoyed the challenge, and it quickly became my passion. I even set up my own lab back home and continued to improve my cyber and networking knowledge!
As my RAF career came to end, I joined Airbus. Several of my ex-JCU colleagues were already working here and they highly recommended the company.
Is there an assignment or project that stood out for you?
This one dates back to when I first took over as SOC manager. We were onboarding a brand-new customer into the SOC, and it felt like a huge challenge, as I’d never been involved in anything like it before.
I was responsible for setting up new processes, liaising with the customer, and working closely with the transition team to ensure a smooth handover of the new protective monitoring system. And of course, a lot of new documentation was required – such as work instructions for the new equipment and applications we were deploying.
Bringing this new customer on board took a lot of work and dedication from myself and the team. We needed to ensure that all the customer requirements were met, and that the critical national infrastructure customer was well looked after. I learned a huge amount during this process that I still rely on today.
What are the qualities required to be effective in cybersecurity?
The world of cybersecurity is huge, and it’s impossible to become a subject matter expert in all elements. The security landscape is forever evolving, and one of the major qualities you need to thrive is a willingness to continually learn and adapt. It’s essential that we try and stay abreast of security concepts and best practices.
A good understanding of TCP/IP and networking is also a major advantage. And analytical and problem-solving skills are a must, along with both good verbal and written communication skills. I also can’t overstate the importance of being a team player.
Any advice for people interested in a SOC job?
You must have a genuine passion for cybersecurity. I’ve done many interviews during my time as SOC manager, and it quickly becomes obvious if the candidate has a real desire to work in a SOC, or is just looking to do a job for the money. Anyone who has a genuine interest in cyber will be keeping abreast of all the latest news.
For anyone new to the world of cybersecurity, I’d recommend using some of the free websites (like TryHackMe) to learn some basic pentesting skills. CompTIA and EC-Council also offer some good cybersecurity training and certifications that will help you stand out among the many CVs we receive.
Last but not least, what’s the best career lesson you’ve learned so far?
Stay technical – no matter how senior you get. I enjoy the managerial side of my job, but I do miss the day-to-day involvement – “getting your hands dirty” as the saying goes. To make up for it, I dedicate time to keeping up with new technical trends and developments.
Interested in SOC jobs at Airbus Protect? Check out our current job openings.