At a Glance
- Tasks: Lead security operations and respond to cyber incidents with cutting-edge tools.
- Company: Join AJ Bell, a top investment platform known for its supportive culture.
- Benefits: Enjoy competitive salary, 26 days holiday, health plans, and a casual dress code.
- Other info: Hybrid work model with a focus on inclusion and diversity.
- Why this job: Make a real impact in cybersecurity while working with innovative technologies.
- Qualifications: 7+ years in Security Operations and strong analytical skills required.
The predicted salary is between 45000 - 49000 £ per year.
Requirements
- Strong hands‑on experience with Security Operations tools and capabilities, including SIEM and SOAR platforms such as Sentinel, Service Now, Splunk SOAR and Cortex
- Strong hands‑on experience with Endpoint Detection and Response or Extended Detection and Response tools
- Strong hands‑on experience with Threat Intelligence platforms such as Recorded Future, Doppel, Zero Fox and Google Threat Intelligence
- Strong hands‑on experience with vulnerability management solutions such as Tenable and Rapid7
- Strong hands‑on experience with Insider Risk and DLP tools such as Purview and Netskope
- Strong hands‑on experience with network security solutions such as next generation firewalls, network anomaly, WAF and DDo S solutions
- Experience leading and responding to cyber incident response aligned to NIST
- Knowledge of threat detection techniques and use case development
- Experience applying threat intelligence in an operational context
- Strong experience with vulnerability management tools and processes
- Strong awareness of cloud services and supporting security controls and monitoring capabilities
- Working knowledge of Microsoft security stack including Defender, Sentinel and Purview, Active Directory and Azure AD, and Windows and Linux environments
- Experience with data loss prevention and insider risk tooling is advantageous
- Hands‑on experience with automation and scripting such as Power Shell and Python is highly desirable
- Experience working within recognised information security frameworks and best practices such as ISO27001, NIST and MITRE ATT&CK
- Knowledge of relevant regulatory requirements such as GDPR and FCA or PRA
- Experience in an information security role within a financial services environment is preferred
- Minimum 7 years experience in a Security Operations role
- At least 3 years experience operating in a Lead or Senior Analyst role
- Strong analytical and investigative capability
- Ability to work under pressure and manage multiple concurrent incidents and priorities
- Strong ownership of tasks, attention to detail and follow‑through to conclusion
- Ability to provide technical leadership without formal line management responsibility
- Ability to challenge approach, tooling and processes to improve operational effectiveness
- Structured, self‑starting and able to work on own initiative
- Effective written and verbal communication skills
- Ability to plan, organise and deliver tasks with minimal supervision
- Collaborative approach to working with analysts, engineering teams and external partners
- Strong focus on quality, consistency and continuous improvement
Responsibilities
- Act as the primary technical escalation point for security events and incidents identified by our Security Operations team
- Support the Head of Security Operations in ensuring we have the capability to detect and respond to security events and incidents
- Oversee the day‑to‑day execution of security operations, ensuring alerts and incidents are handled in line with defined processes and SLAs
- Ensure our security operations SLAs and OLAs are met, including alert triage, escalation and incident response timelines, and raise risks where required
- Ensure adherence to our KRIs and KPIs and elevate any variation to the Head of Security Operations
- Provide hands‑on support in the investigation and response to security incidents, including endpoint, identity, network, cloud and insider‑related threats
- Ensure consistent execution and continuous improvement of incident response playbooks and operational runbooks, validating them through real incidents and simulations
- Support the optimisation and tuning of security monitoring and detection capabilities, including SIEM and endpoint tooling, to improve signal quality and reduce false positives
- Support the end‑to‑end vulnerability management process, including validation of findings and tracking remediation activities
- Work closely with MSSP and security vendors to ensure effective delivery of security operations services
- Challenge and validate vendor outputs to drive operational efficiency, quality improvements and better use of tooling capabilities
- Design and implement automation and orchestration to reduce manual effort, repetitive or high‑volume tasks, improve response times and increase consistency across security operations processes
- Work with the Security Engineering team to ensure tooling, logging and detection gaps are identified and addressed
- Support the effective operation of 24x7 security monitoring, including coordination with third‑party providers
- Contribute to operational MI and reporting, ensuring accuracy and insight into security trends and performance
- Maintain visibility of security incidents, trends and operational risks, escalating issues where required
- Technologies
- Active Directory
- Azure
- Cloud
- Support
- Linux
- Network
- Power Shell
- Python
- Security
- Service Now
- Splunk
- WAF
- Windows
- More
We are AJ Bell, one of the UKs fastest‑growing investment platform businesses, helping people invest more simply and accessibly through easy‑to‑use solutions for ISAs, pensions and dealing accounts.
We are trusted by more than 723,000 customers and manage over £108.7 billion of assets.
We are proud to be recognised as one of the UKs Best 100 Companies to Work For for six consecutive years and as a Great Place to Work in 2025 and 2026, reflecting our supportive and collaborative culture.
We offer a competitive starting salary, 26 days holiday plus a buy/sell scheme and bank holidays, a 7% pension with matched contributions, discretionary bonus scheme, share schemes, health cash plan, discounted private healthcare, free gym, enhanced family leave, travel and bike loan schemes, and an employee assistance programme.
We also offer regular social events, tailored learning and development opportunities, a casual dress code and a friendly, supportive team environment.
We work on a hybrid basis, with a minimum of 50% of working time per month in the office, and new team members spend an initial period full‑time in the office to build relationships and immerse themselves in our business.
We are committed to inclusion and diversity and welcome applications from all backgrounds.
- last updated 27 week of 2026
- #J-18808-Ljbffr
Contact Details:
AJ Bell Business Solutions Limited Recruitment Team