We are looking for an accomplished cyber security leader to head up incident response and operational security functions within a fast-paced, enterprise-scale environment. You will oversee a dedicated team responsible for monitoring, detecting, investigating, and responding to threats 24/7, while working closely with senior stakeholders across the business to ensure rapid, effective action against risks.
Key Responsibilities
* Build and maintain a robust incident response framework, ensuring readiness through training, simulations, and tabletop exercises.
* Direct the resolution of high-severity incidents, coordinating IT, legal, HR, and communications teams as required.
* Lead investigations, including endpoint analysis, network traffic review, malware examination, log correlation, and digital forensics.
* Drive continuous improvement with root cause analysis, lessons learned, and implementation of corrective measures.
* Oversee and optimise security technologies (SIEM, EDR/XDR, SOAR), ensuring integration and automation for efficiency.
* Collaborate with monitoring teams to triage alerts, identify genuine threats, and prioritise remediation.
* Provide leadership, mentoring, and career development support to the incident response team.
* Contribute to the design and implementation of security controls and enterprise architecture improvements.
* Ensure operational security practices comply with recognised frameworks and regulatory standards.
Skills & Experience
* 5+ years in senior security operations or incident response leadership roles.
* Strong expertise in threat detection, containment, and digital investigation.
* Hands-on knowledge of SIEM, SOAR, and EDR/XDR platforms within enterprise environments.
* Experience in vulnerability management, insider threat detection, and data protection.
* Familiarity with MITRE ATT&CK and other cyber defence models.
* Proficiency in at least one scripting language (Python, PowerShell, etc.) for automation.
* Solid understanding of network security, cloud platforms, and enterprise operating systems.
* Security certifications (GCFA, GCFE, GCIH, CISSP, or equivalent) highly regarded.
* Skilled communicator, able to engage effectively with both technical teams and senior executives.
* Previous exposure to managed or shared security services is an advantage.