I think, if size allows it, every company should have an in-house SOC. Bonus points if it is 24/7. I believe you can do this with 8 or so analysts. A few have to be seniors to coach juniors. Platform management (IPS, Firewalls ...etc.) can be outsourced but I had REALLY bad experiences with MSPs and MSSPs. And I worked with a lot of big name companies. They all sucked. Never takes proper responsibility and always does the bare minimum by taking shortcuts versus doing it right. What you end up with at the end is years' worth of technical debt and lost tribal knowledge when you change vendors.