2 jobs found

Job Description We're recruiting a Senior Information Security Analyst to support the Chief Information Security Officer in protecting and enhancing the organisation's security posture across Technology Services. This is a hands-on, operational role focused on monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. You'll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities Monitor, triage and respond to security alerts and events, ensuring effective prioritisation based on risk and impact Act as a first responder for security incidents, including participation in on-call support Analyse security data and alerts to identify trends, risks and potential threats Act as an escalation point for information security queries from colleagues and service delivery teams Support and coordinate patch management activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Good understanding of information security principles, risk management and the threat landscape Experience of operating and monitoring security tooling, including SIEM, endpoint protection, and email/web security solutions Ability to proactively conduct threat hunting activities and develop or enhance detection analytics to improve identification of malicious activity Awareness of cloud security controls and standards Experience of managing enterprise systems, including Microsoft Active Directory, Windows and Linux Knowledge of network security technologies, including proxies, end point security tools and data loss prevention controls are highly advantageous Skills and experience Experience working within recognised information security frameworks (e.g. ISO27001, NIST) Proven experience in an information security role, preferably within financial services or e-commerce Strong analytical capability, with the ability to interpret data and support decision-making Ability to take ownership of tasks and deliver through to completion Confident in providing challenge to improve security outcomes Effective communication skills, both written and verbal Well organised, with strong attention to detail and the ability to manage competing priorities Demonstrates a commitment to continuous professional development (e.g. CISSP or equivalent) About AJ Bell AJ Bell is one of the UK's fastest-growing investment platform businesses, providing award-winning solutions for everyone, from professional financial advisers to first-time investors. Today, over 644,000 customers trust us to manage more than £103.3 billion of assets. By continually striving to make investing simpler and more accessible, we're helping more people take control of their financial futures. We're proud to be recognised as one of the UK's Best 100 Companies to Work For, for six consecutive years, and a Great Place to Work in 2025 and 2026 a reflection of our supportive and collaborative culture. What we offer 26 days holiday, increasing with service + buy/sell scheme + bank holidays 7% Pension with matched contributions Discretionary bonus scheme Share schemes (including free shares and BAYE) Health Cash Plan and discounted private healthcare Free onsite gym Enhanced family leave (subject to qualifying criteria) Travel and bike loan schemes Employee Assistance Programme Life at AJ Bell Regular social events including summer and Christmas parties Learning and development opportunities tailored to you Casual dress code Friendly, supportive team environment Our ways of working We offer hybrid working, with a minimum of 50% of your working time per month spent in the office. For new starters, there's an initial period of full-time office working to help you settle in and build relationships. Inclusion & diversity We're committed to creating an inclusive environment where everyone feels respected and able to be themselves at work. We welcome applications from all backgrounds and make hiring decisions based on skills, experience and potential.

Role Overview We are seeking an experienced and hands-on SOC Operations Technical Lead to lead a team of SOC Analysts operating in a 24/7/365 environment. This is a senior, technically focused leadership role within our Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this is not a purely managerial role. You will remain deeply involved in technical delivery, acting as an escalation point, leading complex investigations, and continuously improving SOC capabilities. Key Responsibilities Team Leadership & SOC Operations Lead day-to-day SOC operations across all shifts, ensuring consistent 24/7 coverage Manage shift schedules, handovers, and on-call rotations Act as the primary escalation point for security incidents and analyst queries Ensure high-quality triage, investigation, and response aligned to SOC processes Drive team development through training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs Technical Leadership & Continuous Improvement Provide expert guidance on threat detection, incident response, and threat hunting Lead escalations for complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks, and automation Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes Design and maintain advanced detection use cases and correlation logic Client Engagement & Consulting Act as a trusted advisor to clients, supporting security reviews and incident analysis Translate technical findings into clear, actionable recommendations Support continuous improvement of client security posture Collaboration Work closely with Threat Intelligence, Engineering, and Incident Response teams Enhance detection capability through intelligence sharing and tool optimisation Align processes to strengthen overall security operations effectiveness Strategic Contribution Identify opportunities to enhance MSSP services and capabilities Monitor emerging threats, technologies, and industry trends Ensure compliance with regulatory standards and internal frameworks Skills & Experience Essential 7+ years in Security Operations, including 3-4 years in a senior/lead SOC role Strong hands-on experience with: SIEM (e.g. Microsoft Sentinel, CrowdStrike) EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black) SOAR and threat intelligence platforms Proven expertise in threat hunting and incident response Experience developing and tuning detection rules in multi-tenant environments Strong automation skills to improve SOC efficiency Excellent client-facing and communication skills Desirable Certifications such as CISSP, GIAC (GCIH, GCIA, GREM), SC-200 or SC-300 Experience in cloud security operations Background in MSSP or consulting environments Familiarity with frameworks such as NIST, ISO27001, or ITIL Key Competencies Strong technical depth with the ability to simplify complex concepts Excellent analytical and problem-solving skills under pressure Confident communicator with strong stakeholder engagement skills Collaborative leadership style with a focus on mentoring and development Ability to manage multiple priorities in a fast-paced SOC environment