This is a hands-on Senior technical role within a Cyber Defence function, responsible for managing incident response activities and working closely with a hybrid SOC model.
You’ll help drive 24/7 monitoring effectiveness, rapid incident response, and continuous improvements in detection and response through automation, testing, and strong operational governance.
What You’ll Do
Lead hands-on cyber incident response activities, including investigation, containment, and remediation
Coordinate with SOC providers, internal cyber teams, and IT teams during security incidents
Improve detection quality, response SLAs, and SOC operational effectiveness
Develop and maintain incident response playbooks and response automation
What We’re Looking For
10+ years of cybersecurity or IT experience, including 6+ years in SOC or Incident Response roles
Experience working with outsourced SOC or managed security services
Strong crisis management, communication, and cross-team collaboration skills
Hands-on experience with SIEM, EDR, SOAR, and threat intelligence tooling
Ability to turn threat intelligence and incident learnings into improved detections and response automation
Certifications such as CISM, GIAC, OSCP, CEH, or similar
Experience measuring and improving SOC metrics (MTTD, MTTR, detection coverage)
Scripting or automation skills (Python, PowerShell, etc.)
Familiarity with regulatory frameworks and reporting obligations (e.g., NIS2, GDPR)
If you are interested in this position and have the experience listed, please send your CV to katie.cowzer@realtime.jobs