Senior SOC Manager - Managed Cyber Defence

PwC UK

Glasgow, UK

Posted on Apr 9, 2026

About the role:

We are seeking a Senior Manager to lead the day-to-day technical delivery of our Managed Cyber Defence services. This role has direct responsibility for Analysis and Engineering teams, ensuring the effective running, stability, and continuous improvement of a 24/7 client facing cyber defence capability.

The role will focus on the operational delivery of services across a range of security platforms, including Microsoft Defender/Sentinel, Palo Alto Networks Cortex XDR/XSIAM, Google SecOps & CrowdStrike Falcon.

You will play a key role in ensuring services are efficient, resilient, and continuously improving - working closely with internal teams to evolve detection, response, and automation capabilities.

What your days will look like:

  • Lead day‑to‑day operations across Analysis and Engineering teams delivering Managed Cyber Defence services.
  • Ensure service stability, performance, and quality across client environments, acting as a senior escalation point for incidents and technical issues.
  • Manage prioritisation and workload across teams, including leadership of complex client incidents and investigations.
  • Own and optimise the security technology stack (primarily Microsoft Sentinel and Defender), driving effective use of AI and automation in the SOC.
  • Identify opportunities to improve efficiency through automation and work closely with automation teams to evolve capabilities.
  • Oversee operational reporting and support ongoing client interactions related to service delivery and performance.
  • Provide technical leadership, maintain awareness of relevant security technologies, and drive continuous improvements in detection, response, and key SOC metrics (MTTD, MTTR, automation coverage).

The role is for you if:

  • You have experience of embedding AI tooling within a SOC environment.
  • You have experience with Microsoft Sentinel and Defender and strong knowledge of KQL.
  • You have experience in SOC, XDR, or managed security environments.
  • You are familiar with Palo Alto, CrowdStrike, or Google tools (beneficial).
  • You have a background in security operations, incident response, and detection engineering.
  • You understand cloud (Azure preferred) and automation concepts.
  • You have experience leading technical teams in live service environments.
  • Desirable: SC‑200 and/or GIAC certifications.

What you’ll receive from us:

No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions.

We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more.