At a Glance
- Tasks: Lead and optimise security platforms to enhance threat detection and reduce false positives.
- Company: Join a leading healthcare technology firm dedicated to patient care across the UK.
- Benefits: Competitive salary, health benefits, and opportunities for professional growth.
- Other info: Dynamic role with significant influence on security operations and patient care systems.
- Why this job: Make a real impact on healthcare security while working with cutting-edge technologies.
- Qualifications: Hands-on experience with security platforms like Darktrace and CrowdStrike is essential.
The predicted salary is between 60000 - 80000 £ per year.
Are you an experienced security professional with deep, hands-on expertise across security platforms and detection engineering? Do you want to take ownership of how security tooling performs at scale — improving detection quality, reducing noise, and ensuring threats are effectively identified across complex environments?
About the Team / Business Area
The Security Operations team sits at the core of our organisation, protecting nationally critical healthcare systems that support frontline patient care across the UK. Operating within a highly regulated environment, the team is responsible for SOC oversight, vulnerability management, attack surface monitoring, and real-time threat detection across enterprise, cloud, and network platforms. This function plays a critical role in ensuring system resilience, maintaining regulatory compliance, and enabling the secure delivery of healthcare services at scale.
About the Role
As the Security Detection & Tooling Lead, you will take ownership of the performance, optimisation, and governance of key security platforms and detection capabilities. This is a senior, hands-on engineering role focused on improving how threats are detected across the organisation. You will drive improvements in detection quality, reduce false positives, and ensure security tooling is used effectively and efficiently across all environments. This role requires proven, hands-on, administrator-level experience across core security platforms (including Darktrace, CrowdStrike, and Google SecOps). Candidates without this level of direct platform ownership and administration experience will not be suitable.
Working closely with SOC, Security Engineering, and wider technology teams, you will define detection standards, influence tooling strategy, and ensure security controls remain aligned to risk.
Key Responsibilities:
- Own and optimise core security platforms (SIEM, EDR, NDR, SASE), ensuring performance, utilisation, and governance
- Design, build, and tune detection logic to improve alert fidelity and reduce noise
- Drive improvements in detection coverage using frameworks such as MITRE ATT&CK
- Partner with SOC teams to enhance incident detection, triage, and response outcomes
- Identify opportunities to rationalise tooling, improve efficiency, and reduce operational overhead
- Develop and implement automation to improve workflows and reduce manual effort
- Produce reporting on detection performance, coverage gaps, and platform effectiveness
- Define and maintain detection and tooling standards across Security Operations
What You'll Bring:
You are a hands-on, technically strong security professional with experience operating and optimising security tooling at scale. You take ownership of platforms and outcomes, focusing on delivering measurable improvements in detection capability and operational efficiency. You are comfortable working across teams, influencing change, and applying a structured, analytical approach to improving security operations.
Key Skills, Experience & Qualifications
Essential
- Strong experience in Security Operations, Detection Engineering, or Security Tooling roles
- Hands-on administration and engineering experience across security platforms (SIEM, EDR, NDR or equivalent)
- Hands-on, administrator-level experience with Darktrace, CrowdStrike, and Google SecOps (minimum, non-negotiable requirement)
- Proven experience designing, building, and tuning detections to improve alert quality and reduce false positives
- Experience working closely with SOC teams to improve detection and response outcomes
- Solid understanding of detection frameworks and methodologies (e.g. MITRE ATT&CK)
Ready to Join Us? At EMIS / Optum UK, we are a leader in healthcare technology, supporting professionals across primary care, community services, pharmacy, and beyond. This is an opportunity to take ownership of detection and tooling capability within a complex, high-impact environment — directly contributing to the protection of systems that underpin patient care across the UK. If you are looking for a role where you can lead, optimise, and make a measurable impact, we would welcome your application.
Lead Security Engineer in Basingstoke employer: OptumUK
At EMIS / Optum UK, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters collaboration and innovation within our Security Operations team. Our commitment to employee growth is evident through continuous training opportunities and the chance to lead critical security initiatives that protect healthcare systems across the UK. Join us to make a meaningful impact in a supportive environment where your expertise will be valued and your contributions will directly enhance patient care.
StudySmarter Expert Advice🤫
We think this is how you could land Lead Security Engineer in Basingstoke
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with potential colleagues on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or a GitHub repository showcasing your projects and achievements in security tooling and detection engineering. This gives you a chance to demonstrate your hands-on experience and technical prowess.
✨Tip Number 3
Prepare for interviews by brushing up on your knowledge of security platforms like Darktrace and CrowdStrike. Be ready to discuss your past experiences and how you've optimised security tooling — this is your time to shine!
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search.
We think you need these skills to ace Lead Security Engineer in Basingstoke
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the specific skills and experiences mentioned in the job description. Highlight your hands-on experience with security platforms like Darktrace and CrowdStrike, as we want to see how you can contribute to our team.
Craft a Compelling Cover Letter:Use your cover letter to tell us why you're passionate about security operations and how your background aligns with our mission. Share specific examples of how you've improved detection capabilities in previous roles — we love a good story!
Showcase Your Technical Skills:Don’t shy away from detailing your technical expertise in your application. We’re looking for candidates who can demonstrate their hands-on experience with security tooling and detection engineering, so make it clear how you’ve used these skills effectively.
Apply Through Our Website:We encourage you to apply directly through our website. This way, your application will be processed more efficiently, and you'll have the chance to explore more about our company culture and values while you're at it!
How to prepare for a job interview at OptumUK
✨Know Your Tools Inside Out
Make sure you have a solid understanding of the security platforms mentioned in the job description, like Darktrace, CrowdStrike, and Google SecOps. Be prepared to discuss your hands-on experience with these tools, including specific examples of how you've optimised their performance or improved detection capabilities.
✨Demonstrate Your Analytical Skills
Since the role requires a structured, analytical approach, come ready to showcase your problem-solving skills. Think of scenarios where you've identified gaps in detection or improved alert fidelity, and be ready to explain your thought process and the outcomes.
✨Familiarise Yourself with Detection Frameworks
Brush up on detection frameworks like MITRE ATT&CK. Be prepared to discuss how you've applied these methodologies in your previous roles to enhance incident detection and response. This shows that you not only understand the theory but can also implement it effectively.
✨Collaborative Mindset is Key
This role involves working closely with SOC teams and other technology groups. Prepare to talk about your experience collaborating across teams, influencing change, and how you’ve contributed to improving security operations in a team setting. Highlight any successful projects where teamwork was essential.
