You will bring: Experience working within a well-established SOC or cyber defence function Proven ability to lead or significantly shape SIEM/SOC operations A clear understanding of effective detection engineering and incident response practices Experience configuring, tuning, and optimising SIEM and endpoint security tooling (e.g. Sophos, Secureworks, or equivalent) The ability to take ownership and drive improvements, not just operate existing processes Strong analytical and communication skills, with the ability to provide clear, actionable insight Experience supporting or mentoring others, with the ability to share knowledge and raise overall team capability Relevant certifications (e.g. CISSP, CISM, GIAC or equivalent) are desirable, but practical experience and demonstrable impact are more important. Youre likely a good fit if: Youve worked in a SOC where effective processes and standards are already embedded You enjoy improving how things work, not just operating them Youre comfortable acting as a technical lead and trusted point of reference You take pride in developing others and promoting good practice. Please see Job Description and Person Specification for full details.