Key skills
AzureCloudAILeadership
About this role
Role Overview
- Lead day‑to‑day operations across Analysis and Engineering teams delivering Managed Cyber Defence services
- Ensure service stability, performance, and quality across client environments, acting as a senior escalation point for incidents and technical issues
- Manage prioritisation and workload across teams, including leadership of complex client incidents and investigations
- Own and optimise the security technology stack (primarily Microsoft Sentinel and Defender), driving effective use of AI and automation in the SOC
- Identify opportunities to improve efficiency through automation and work closely with automation teams to evolve capabilities
- Oversee operational reporting and support ongoing client interactions related to service delivery and performance
- Provide technical leadership, maintain awareness of relevant security technologies, and drive continuous improvements in detection, response, and key SOC metrics (MTTD, MTTR, automation coverage)
Requirements
- experience of embedding AI tooling within a SOC environment
- Experience with Microsoft Sentinel and Defender and strong knowledge of KQL
- Experience in SOC, XDR, or managed security environments
- Familiarity with Palo Alto, CrowdStrike, or Google tools is beneficial.
- Security operations, incident response, detection engineering
- Cloud (Azure preferred), automation concepts
- Experience leading technical teams in live service environments
- Desirable: SC‑200 and/or GIAC certifications
Tech Stack
- Azure
- Cloud
Benefits
- empowered flexibility and a working week split between office, home and client site
- private medical cover and 24/7 access to a qualified virtual GP
- six volunteering days a year and much more