Overview
The Lead Information Security Analyst plays a critical role in leading and delivering the organization's information security roadmap through both technical IR expertise and operational leadership. This role combines hands‑on security operations with team leadership responsibilities, acting as the primary technical focal point for SOC and Incident Response activities. The Lead will be responsible for managing team priorities, overseeing sprint planning and execution, and ensuring high-quality delivery of security operations. Working in a dynamic environment, you will provide technical leadership, guidance, and consultancy across the business, helping strengthen the organization's security posture while ensuring efficient and consistent service delivery. You will collaborate closely with Security Architecture, Engineering, Governance, Risk & Compliance, IT, and business stakeholders to drive continuous improvement across monitoring, detection, and response capabilities.
Responsibilities
- Serve as the technical focal point for SOC and Incident Response activities, leading complex investigations and acting as the primary escalation point for operational and technical issues.
- Provide technical leadership, mentorship, and guidance to SOC analysts and IR team members to strengthen team capabilities and promote knowledge sharing.
- Manage SOC and IR operations, including workload distribution, task prioritization, sprint planning, execution, follow‑ups, and tracking of team performance to ensure efficient delivery.
- Oversee and continuously improve security monitoring, detection, logging, alerting, and incident response capabilities, driving enhancements in automation and orchestration.
- Lead and support vulnerability management activities across the organization, ensuring timely identification, prioritization, and remediation of security risks.
- Develop, maintain, and optimize security processes, playbooks, and runbooks to enhance operational effectiveness and response consistency.
- Collaborate with Security Architecture, Engineering, GRC, Delivery, Product, and Planning teams to define security requirements and align security initiatives with business objectives and risk appetite.
- Provide strategic security expertise by advising stakeholders on emerging threats, security risks, mitigation strategies, and opportunities to strengthen the organization's overall security posture.
Qualifications
- Proven experience in SOC and Incident Response (IR) operations, including hands‑on leadership of complex security investigations and operational activities.
- Strong technical expertise with security technologies, including EDR/XDR solutions (e.g., Microsoft Defender for Endpoint), SIEM/SOAR platforms (e.g., Splunk), and threat detection, investigation, and response methodologies.
- Demonstrated experience in proactive threat hunting, hypothesis‑driven investigations, and identifying emerging threats across enterprise environments.
- Solid understanding of cloud and endpoint security, with practical experience securing AWS and Azure environments and managing Microsoft security technologies.
- Strong leadership, stakeholder management, and communication skills, with experience managing team priorities, sprint execution, technical decision‑making, and familiarity with security frameworks such as NIST 800 and ISO 27001.
Benefits
- Family support – industry‑leading maternity and paternity leave and paid time off for caring responsibilities.
- Perks and discounts – discounts at a range of high‑street retailers; gym discounts and a cycle‑to‑work scheme.
- Financial compensation, pension, and bonus schemes.
- Health & wellbeing – tools and services to support mental health and financial education.
- Hybrid working – up to 80% remote work, with 20% office time to ensure collaborative team interactions.
We are an equal opportunity employer and embrace diversity, equity, and inclusion.