Tech Lead - SOC Responder

This role offers an exciting opportunity for an experienced tech manager to lead a talented Security Operations Centre (SOC) team at Colt. The SOC Operations Manager will ensure the centre operates at peak performance while driving continual improvement and aligning with Colt’s long‑term priorities.

Salary: up to £175k base, circa £260-300k total compensation.

• Manage SIEM and IR tools platforms, including design, implementation, administration, use‑case preparation, connector deployment, maintenance and health checks.
• Oversee operational activities, technology escalation support, security solution assessment, build activities, and mature existing services.
• Analyse potential infrastructure security incidents to determine if they qualify as legitimate security breaches.
• Establish and govern the security incident response processes, investigations, and security operational procedures.
• Maintain and enhance the formal service catalogue, service descriptions, targets, and performance metrics.
• Ensure security services, tools, and platforms are adequately maintained.
• Monitor and report on the effectiveness of security enforcing technologies.
• Identify and monitor specific security risks and KPIs, producing management information to demonstrate value from key security investments/services.
• Contribute to the design, development, and maintenance of security standards and controls.
• Align the team’s goals and plans with Colt’s long‑term priorities and strategy.
• Develop and grow talent and people capability within the security teams.

• 6+ years of Information Security Incident Response experience, focusing on detection and response to malicious activity using log data from various sources.
• Strong networking and systems experience, preferably in an enterprise environment.
• Deep understanding of information security and the threat landscape surrounding enterprise systems.
• Strong scripting experience in Python, PowerShell, or Unix shell.
• Demonstrated experience working in all phases of the SDLC.
• Proficiency with cyber security operations, security monitoring, endpoint (EDR), network, and SIEM tools.
• Prior SOC experience is a plus.
• Extensive knowledge of network and server security protocols, technologies, and products.
• Industry‑recognized certifications (CISSP, GCIH, GCFA, OSCP, etc.) preferred.
• Strong oral and written communication skills.
• Relentless curiosity and attention to detail.
• Ability to learn quickly and leverage prior experience to solve current security challenges.
• Willingness to challenge the status quo.
• Degree in Information Technology, Engineering, or similar.
• SIEM management experience; advanced certification from vendors such as ArcSight, Microsoft Sentinel, or LogRhythm is desirable.

• Flexible working hours and the option to work from home.
• Extensive induction program with experienced mentors and buddies.
• Opportunities for further development and educational opportunities.
• Global Family Leave Policy.
• Employee Assistance Program.
• Internal inclusion & diversity employee networks.

Colt embraces diversity and values diversity of thought and experience. From day one, you’ll be encouraged to be yourself, as we believe that authenticity helps our people thrive. We welcome individuals of diverse backgrounds, genders, sexual orientations, races, religions, disabilities, neuro‑diversity, ages, marital statuses, pregnancy statuses, and places of birth.