An exciting newly created role for a Security Operations Lead, joining a specialist software company at a pivotal stage of growth.
This is a hands-on leadership role at the heart of Platform Engineering. You'll run the security working group, own the vulnerability management lifecycle, and embed security across development, platform, and product. Making it a shared responsibility, not a siloed function.
You'll need sharp technical instincts, sound judgement, and the ability to make complex risk legible to an executive audience.
What You'll Do:
Security Leadership
- Lead the security working group, setting priorities and driving resolution
- Translate threat intelligence into actionable engineering tasks and deliver monthly risk summaries to the ELT
Vulnerability & Incident Management
- Own the full vulnerability lifecycle: discovery, triage, remediation, and reporting
- Coordinate incident response and set risk-based remediation timelines
Security Tooling
- Own and evolve the security tool stack (SAST, DAST, SCA, secrets management) and integrate it into CI/CD pipelines
- Drive adoption of dependency scanning, artifact verification, and SBOM tooling, ensuring tools produce signal, not noise
Experience:
- Strong application and infrastructure security background in cloud-native environments, with hands-on experience across CI/CD, containerisation, and infrastructure-as-code
- Deep understanding of common vulnerability classes (OWASP Top 10 and beyond) and practical experience with SAST, DAST, SCA, and secrets scanning tooling
- Proven end-to-end vulnerability management and incident response experience, including supply chain risk mitigation
- The ability to assess risk and make clear prioritisation calls, even with imperfect information
- A track record of leading cross-team security initiatives without direct authority, aligning stakeholders with competing priorities
- Experience improving security culture across engineering teams with diverse tech stacks
- Strong communicator, able to move between engineering detail and board-level risk narrative with ease
- Familiarity with ISO 27001, Cyber Essentials+, or similar frameworks is a bonus
Benefits:
- Private healthcare
- Life assurance & income protection
- Enhanced maternity
- Electric vehicle & cycle to work salary sacrifice
- Pension with NI savings & matched share scheme
- Flexible working & employee discounts
Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.
Skills:
Security leadership Vulnerability management Cloud-native CI/CD integration Security tooling
Benefits:
Work From Home
WHJS1_NI
”, “datePosted”: “2026-05-06”, “hiringOrganization”: { “@type”: “Organization”, “name”: “Ocho”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__424421135__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=936” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “Belfast” } } }An exciting newly created role for a Security Operations Lead, joining a specialist software company at a pivotal stage of growth.
This is a hands-on leadership role at the heart of Platform Engineering. You’ll run the security working group, own the vulnerability management lifecycle, and embed security across development, platform, and product. Making it a shared responsibility, not a siloed function.
You’ll need sharp technical instincts, sound judgement, and the ability to make complex risk legible to an executive audience.
What You’ll Do:
Security Leadership
- Lead the security working group, setting priorities and driving resolution
- Translate threat intelligence into actionable engineering tasks and deliver monthly risk summaries to the ELT
Vulnerability & Incident Management
- Own the full vulnerability lifecycle: discovery, triage, remediation, and reporting
- Coordinate incident response and set risk-based remediation timelines
Security Tooling
- Own and evolve the security tool stack (SAST, DAST, SCA, secrets management) and integrate it into CI/CD pipelines
- Drive adoption of dependency scanning, artifact verification, and SBOM tooling, ensuring tools produce signal, not noise
Experience:
- Strong application and infrastructure security background in cloud-native environments, with hands-on experience across CI/CD, containerisation, and infrastructure-as-code
- Deep understanding of common vulnerability classes (OWASP Top 10 and beyond) and practical experience with SAST, DAST, SCA, and secrets scanning tooling
- Proven end-to-end vulnerability management and incident response experience, including supply chain risk mitigation
- The ability to assess risk and make clear prioritisation calls, even with imperfect information
- A track record of leading cross-team security initiatives without direct authority, aligning stakeholders with competing priorities
- Experience improving security culture across engineering teams with diverse tech stacks
- Strong communicator, able to move between engineering detail and board-level risk narrative with ease
- Familiarity with ISO 27001, Cyber Essentials+, or similar frameworks is a bonus
Benefits:
- Private healthcare
- Life assurance & income protection
- Enhanced maternity
- Electric vehicle & cycle to work salary sacrifice
- Pension with NI savings & matched share scheme
- Flexible working & employee discounts
Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.
Skills:Security leadership Vulnerability management Cloud-native CI/CD integration Security tooling
Benefits:Work From Home
WHJS1_NI
…