Security Operations Lead (Incident Response)
Desired skills:
Incident-response, SOC-operations, Threat-hunting, Detection-engineering, security, team lead
Location: Dublin
Type: Full-Time
Salary: €90,000-€120,000
A growing security team is looking for a lead-level operator to take ownership of serious security events, support a seasoned SOC group, and tighten how threats are detected and handled across a broad enterprise environment. The position sits right in the operational core, split between technical depth, steady leadership, and keeping communication clear when things get messy.
The work is highly visible, with a meaningful influence on how the wider security estate responds, escalates, improves, and prepares for the next incident.
The Role
Your focus will be steering the response to high-impact incidents, taking over complex escalations, and guiding the team during time-sensitive investigations. The day-to-day mix includes deep dives into unusual behaviour, structured command during critical events, proactive hunting, and helping shape how the team's tooling and processes evolve. You'll have direct access to engineering, infrastructure and cloud partners, giving you full reach across endpoint, network, and identity layers.
Primary Responsibilities
1. Lead the response to serious, multi-layered security incidents through containment, remediation and follow-up
2. Serve as the escalation point for junior and mid-level SOC analysts
3. Run coordinated incident calls and manage cross-team communication
4. Conduct advanced investigations and threat hunting across cloud, endpoint, and network data sources
5. Correlate telemetry from varied systems to identify emerging threats or odd behaviour
6. Recommend and embed improvements in detection, automation and SOC operations
7. Produce clear post-incident material and summaries for technical and non-technical stakeholders
8. Maintain and refine metrics and operational rhythm for the SOC
9. Work alongside threat intel, assessment and engineering teams to improve detection resilience
Skills & Experience
1. 7+ years working in a security operations or incident-focused capacity
2. Strong, hands-on familiarity with detection and response tooling across EDR, logging, automation and cloud
3. Comfortable managing high-pressure incidents involving multiple parts of the business
4. Strong grasp of attacker techniques, investigation methods and threat hunting workflows
5. Experience guiding technical teams through complex escalations
6. Excellent written communication and structured documentation habits
7. Some exposure to malware analysis, application security or intel work is helpful but not mandatory
8. A genuine interest in automation, signal reduction, or the incoming wave of AI-assisted detection
Reperio Human Capital acts as an Employment Agency and an Employment Business.