Job Description We are seeking a Security Operations Technical Lead to join our Cyber Security team. This role is responsible for the technical delivery of day-to-day security operations, including incident response, escalation handling, and the management of core cyber defence platforms. This is a hands-on role requiring advanced technical capability. The successful candidate will act as a technical escalation point, mentor team members, and ensure the ongoing resilience of our security operations. What You’ll Do Lead and prioritise day-to-day security operations, including incident response, monitoring, ticket escalations, and workload distribution. Own and tune enterprise security tools (SIEM, EDR, PAM, Email gateway, cloud security platforms). Act as the primary escalation point for complex incidents and investigations. Maintain and improve operational runbooks, playbooks, and reporting. Work closely with our SOC partner to ensure 24/7 detection and response coverage. Act as a bridge between Security and IT Operations, helping translate security priorities into operational actions and gaining buy-in from technical peers. Drive continuous improvement initiatives by identifying gaps, proposing solutions, and ensuring lessons learned from incidents feed back into processes and tools. Provide technical guidance and mentorship to security engineers and analysts, fostering skill development and knowledge sharing.
