In this role you will: Lead and manage a multi-disciplinary engineering team, ensuring high-quality delivery across cyber security operations, infrastructure, and cloud services. Collaborate with stakeholders across HMRC to align cyber engineering efforts with strategic objectives and to ensure secure and, resilient services. Drive continuous improvement in tooling, automation, and operational processes by designing, implementing and maintaining end-to-end service configuration. Work with vendors and HMRC stakeholders on service delivery, to ensure the Security Incident Event Management (SIEM) platform is secure and available to all end-users. Provide technical direction and mentorship, supporting team members in developing their expertise and achieving their potential. Champion a culture of learning and development, supporting apprentices, fast streamers, and industrial placements within the team. Person specification: The successful candidate will be a proactive and analytical problem solver, capable of designing and implementing solutions that support the maintenance and modernisation of existing platforms. They will play a key role in shaping and evolving the team’s DevSecOps strategy, including the development of tooling, policies, and procedures in driving modern DevOps and CI/CD practices for reliable and secure services. The role requires strong interpersonal skills and the ability to engage effectively with both technical and non-technical stakeholders, as well as experience in managing supplier relationships to ensure alignment with organisational goals. Essential Criteria: Proven experience leading technical teams in infrastructure, cloud, or cyber security environments. Strong technical background in networking, public cloud technologies (e.g., AWS, Azure). Solid understanding of cyber detection and response technologies and tooling such as Security Incident Event Management (SIEM), Endpoint Detection and Response (EDR), Network and Endpoint Security tools. Excellent communication skills, with the ability to tailor technical information to different audiences, especially with vendors and third-party subject matter experts. Strong organisational skills, with the ability to manage competing priorities and deliver in a fast-paced environment. Excellent understanding of Docker, Git, Hashicorp, and Kubernetes, as part of Continuous Improvement /Continuous Development CD). Excellent understand of architecting and deploying SIEM, SOAR or threat intelligence tooling. Solid understanding of cyber risk, security principles and operational practices including coverage outside of normal business hours. Qualifications – evidence of at least one of: Bachelors degree in cyber security or a related field, SANS certification, Splunk Enterprise Certified Architect, Splunk Enterprise Certified Admin, Red Hat Enterprise Linux (RHEL) System Administration, AWS or Azure architecture, Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM). Additional Security Information Please note: Candidates must hold Security Check (SC) vetting as a minimum and be willing to obtain and maintain Developed Vetting (DV) status.