Key Requirements: 

• Proven experience in IT Security Operations or Security Engineering/Management roles
• Strong expertise in Cloud & Endpoint Security, including:
  • Microsoft 365 security (Defender, Entra ID)
  • Microsoft Azure security services
  • AWS security tooling and architecture
• Hands-on experience in Incident Response & Operational Security, including detection, triage, containment, and post-incident reviews
• Deep understanding of SIEM and SOAR platforms (e.g., Sentinel, Splunk, QRadar) for monitoring, automation, and response orchestration
• Experience with EDR/XDR solutions (e.g., Microsoft Defender for Endpoint, CrowdStrike)
• Strong knowledge of vulnerability management processes and tools (scanning, prioritisation, remediation tracking)
• Familiarity with threat intelligence sources, analysis, and operational integration
• Experience leading or contributing to security operations centre (SOC) functions
• Proven ability in building, mentoring, and developing high-performing security teams
• Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK)
• Ability to work with cross-functional teams (IT, DevOps, cloud engineering) to embed security into operations
• Strong incident leadership skills under pressure and ability to drive root cause analysis and continuous improvement