CareerAddict

Threat Intelligence/Operations Lead - SC Cleared - Inside IR35

Posted on May 8, 2025 by SR2 - Socially Responsible Recruitment
London, United Kingdom
IT
Immediate Start
£500 - £550 Daily
Contract/Project
SR2 are working with a key consultancy client who are looking for a Threat Intelligence & Threat Operations Lead to drive the threat-led direction of an intelligence-focused SOC supporting a critical national security programme. This is a high-impact leadership role requiring a blend of hands-on expertise, stakeholder influence, and strategic vision.

The successful candidate will be responsible for embedding a threat-informed detection strategy across operational, tactical, and strategic levels, guiding both current delivery and future capability uplift. Working within a multi-tenant environment under a federated SOC structure, you will have direct influence on shaping priorities, upskilling the team, and integrating threat intelligence with SOC output at scale.

Key Responsibilities
  • Provide strategic leadership across threat intelligence and threat operations, ensuring alignment with wider organisational risk appetite and threat posture.
  • Lead the definition and execution of threat modelling and detection priorities, including mapping to MITRE ATT&CK and other relevant frameworks.
  • Act as the technical authority and thought leader for intelligence-led detection within a growing multi-tenant SOC, managing ~2TB/day log ingestion.
  • Translate complex threat actor behaviours and geopolitical risks into actionable detection strategies.
  • Oversee the development and continual refinement of Splunk-based detection logic in coordination with engineering and analyst teams.
  • Advise senior stakeholders on emerging threats, operational risks, and strategic mitigation opportunities.
  • Mentor and upskill SOC analysts and content developers, elevating threat understanding across the team.
  • Contribute to longer-term planning around how threat intelligence and detection capabilities evolve as the service scales into a future strategic SOC.
Essential Experience
  • Proven track record in leading threat intelligence or threat operations functions within a SOC or cyber defence capability.
  • Experience operating in a strategic advisory capacity, influencing senior decision-makers across government or highly regulated sectors.
  • Deep understanding of cyber threats, actor TTPs, and the integration of threat intelligence into detection and response processes.
  • Expertise in developing threat-informed detection strategies using frameworks such as MITRE ATT&CK, Cyber Kill Chain, etc.
  • Familiarity with SIEM platforms (Splunk strongly preferred) and an understanding of the detection logic life cycle.
  • Strong interpersonal and communication skills; capable of engaging confidently with technical and non-technical stakeholders.
  • Active SC clearance.
Role Context
  • The team supports a federated SOC environment operating beneath a centralised national SOC.
  • You'll join at a time of transformation, as the service scales from interim delivery into a long-term strategic capability.
  • This is a highly visible role with scope to shape the future operating model, define detection priorities, and mentor future leaders within the SOC function.

Reference: 2945132728

https://jobs.careeraddict.com/post/103283500

This Job Vacancy has Expired!
