Security Operations Lead (Incident Response)
Location: Dublin
Type: Full-Time
Salary: €90,000-€120,000
A growing security team is looking for a lead-level operator to take ownership of serious security events, support a seasoned SOC group, and tighten how threats are detected and handled across a broad enterprise environment. The position sits right in the operational core, split between technical depth, steady leadership, and keeping communication clear when things get messy.
The work is highly visible, with a meaningful influence on how the wider security estate responds, escalates, improves, and prepares for the next incident.
The Role
Your focus will be steering the response to high-impact incidents, taking over complex escalations, and guiding the team during time-sensitive investigations. The day-to-day mix includes deep dives into unusual behaviour, structured command during critical events, proactive hunting, and helping shape how the team's tooling and processes evolve. You'll have direct access to engineering, infrastructure and cloud partners, giving you full reach across endpoint, network, and identity layers.
Primary Responsibilities
Lead the response to serious, multi-layered security incidents through containment, remediation and follow-up
Serve as the escalation point for junior and mid-level SOC analysts
Run coordinated incident calls and manage cross-team communication
Conduct advanced investigations and threat hunting across cloud, endpoint, and network data sources
Correlate telemetry from varied systems to identify emerging threats or odd behaviour
Recommend and embed improvements in detection, automation and SOC operations
Produce clear post-incident material and summaries for technical and non-technical stakeholders
Maintain and refine metrics and operational rhythm for the SOC
Work alongside threat intel, assessment and engineering teams to improve detection resilience
Skills & Experience
7+ years working in a security operations or incident-focused capacity
Strong, hands-on familiarity with detection and response tooling across EDR, logging, automation and cloud
Comfortable managing high-pressure incidents involving multiple parts of the business
Strong grasp of attacker techniques, investigation methods and threat hunting workflows
Experience guiding technical teams through complex escalations
Excellent written communication and structured documentation habits
Some exposure to malware analysis, application security or intel work is helpful but not mandatory
A genuine interest in automation, signal reduction, or the incoming wave of AI-assisted detection
Reperio Human Capital acts as an Employment Agency and an Employment Business.