Security Operations Lead

Permanent | Hybrid (23 days onsite, Warrington)

Salary: c. £80,000 per annum + benefits

Security Clearance: SC Eligible (UK)

An organisation operating within the UK's critical national infrastructure sector is expanding its Cyber Security Operations capability and is seeking an experienced SOC Engineering Team Lead to play a key role in strengthening and modernising its security operations.

This is a senior, hands‑on leadership role, responsible for the engineering, optimisation and continuous improvement of SOC platforms and tooling in a highly regulated, mission‑critical environment.

Youll lead a specialist team of engineers, work closely with cyber operations and architecture functions, and help shape the long‑term cyber security roadmap.

• Lead the delivery, maintenance and continuous improvement of SOC engineering platforms and services
• Own the lifecycle management of SOC tooling, ensuring platforms are secure, scalable and reliable
• Oversee log ingestion pipelines, integrations and onboarding across hybrid environments
• Provide technical leadership across Microsoft Sentinel, Defender and Azure security services
• Drive automation and SOAR capability using Logic Apps and playbooks
• Work closely with detection engineers and threat hunters to enable effective use cases
• Manage supplier relationships and ensure services meet agreed SLAs and KPIs
• Monitor platform performance, costs, ingestion volumes and optimisation opportunities
• Contribute to long‑term SOC capability planning and cyber security strategy
• Line manage, mentor and develop a team of SOC engineers
• Communicate effectively with both technical and non‑technical stakeholders

• Proven experience in SOC engineering, security architecture or similar cyber security roles
• Strong leadership and people‑management capability
• In‑depth knowledge of Microsoft security technologies (Sentinel, Defender, Log Analytics, Azure)
• Experience with scripting and automation (PowerShell, Python, Logic Apps)
• Strong understanding of cyber security frameworks (MITRE ATT&CK, NCSC CAF, NIST CSF)
• Excellent communication skills and the ability to influence across teams
• A proactive, detail‑oriented and problem‑solving mindset
• Eligible for UK
• Security Clearance (SC)

• Microsoft security certifications (SC-200, AZ-500, SC-100)
• Experience working in regulated or high-assurance environments (e.g. critical infrastructure, defence, nuclear)
• Membership of professional bodies (e.g. CIISec, BCS)

Hybrid working: 23 days per week onsite in Warrington

Competitive salary of around £80,000 per annum

Comprehensive benefits package

Long‑term, permanent opportunity in a high‑impact environment

Opportunity to shape and build a critical SOC engineering capability.