Lead, Security and Network Operations

Job Summary

To lead the Security and Network Operations Centre (SNOC) in protecting service availability and reducing security risk across a complex, multi-site, and multi-country technology estate. The role ensures effective real-time monitoring, rapid incident response, coordinated service restoration, governance of monitoring coverage, and continuous improvement of detection and response capabilities, in alignment with organisational IT and risk governance objectives.

Key Duties and Responsibilities

•         Lead, mentor, and manage SNOC Analysts, Engineers, and Incident Responders; oversee shift management, staff rotation, and quality assurance to maintain 24/7 operational discipline.

•         Lead end-to-end incident triage and command activities—from detection and investigation to containment, eradication, and restoration.

•         Maintain a single source of truth within the ITSM platform and determine escalation thresholds, including major incident declaration and executive communications.

•         Govern enterprise a and observability standards across data centre, LAN, WAN, cloud, remote access, and OT environments.

•         Oversee SIEM, EDR, SOAR, and firewall telemetry; ensure log ingestion, rule optimization, alert tuning, and automation workflows.

•         Coordinate threat intelligence gathering and distribution; ensure proactive threat hunting is performed regularly to identify undetected risks.

•         Drive proactive network performance monitoring to detect degradation before service impact.

•         Enforce operational change governance by reviewing change readiness and rollback validation; maintain the SNOC risk register and provide audit evidence.

•         Own root cause analysis (RCA), after-action reports, corrective action tracking, and repeat incident reduction.

•         Coordinate vulnerability tracking, scanning, and remediation efforts with patch management teams.

•         Manage escalation processes across L1/L2/L3 teams and external vendors; collaborate with IT Security, Infrastructure, Applications, and Business Units.

•         Develop and maintain runbooks, playbooks, and SOPs; drive automation initiatives to enhance alert quality and operational efficiency.

Education and Work Experience

•         Bachelor’s degree in computer science, Information Technology, Engineering, or related field.

•         7–12 years of IT operations experience.

•         Minimum 3 years leading a NOC, SOC, or combined SNOC function within a multi-site enterprise environment.

Functional Competencies

•         Strong enterprise networking operations expertise across data centre, campus LAN, WAN, cloud, and remote access environments.

•         Practical security operations experience, including SIEM and EDR alert triage and containment coordination.

•         ITIL-aligned incident and major incident management expertise.

•         Proficiency with monitoring and security tools (e.g., PRTG, FortiAnalyzer, Microsoft Sentinel, Microsoft Defender, Palo Alto, Fortinet, ServiceNow or equivalent ITSM platforms).

•         Ability to design and optimise triage workflows and escalation frameworks.

•         Vendor management and SLA governance capability.

•         Strong root cause analysis and problem management expertise.

•         Ability to develop and maintain operational runbooks and conduct simulation exercises.

•         Clear and concise executive communication and reporting skills.

•         Leadership capability in managing shift teams and enforcing quality standards.

Preferred Certifications

• ITIL Certification

• CCNP

• PCNSE or NSE

• Microsoft Azure Certifications

• Microsoft Sentinel Certification

• CISSP or equivalent

Benefits

•         Private Health Insurance.

•         Paid Time Off.

•         Opportunities for Professional Growth and Career Advancement.

•         Training and Development Programs.

•         Competitive Salary.

•         Collaborative and Supportive Work Environment.