Senior SecOps Engineer

Job Purpose

The Senior Security Operations Engineer is responsible for defining the strategic direction of plan.com’s defensive security capability while remaining deeply hands-on across all aspects of security operations.

Building on the existing Security Operations (Blue Team) function, you will shape the future of security at plan.com by defining the vision, architecture, and roadmap to mature our cyber security posture across endpoint, infrastructure, and network environments.

This role combines advanced threat detection, monitoring, and incident response with leadership responsibilities, including process development, tooling strategy, and embedding a security-first culture across the organisation.

You will act as the senior technical authority for cyber security, mentoring team members, advising executive leadership on cyber risk, and collaborating across internal and external stakeholders to ensure compliance with security best practices and regulatory requirements.

Main Duties and Responsibilities

Security Strategy & Leadership

• Define, own, and evolve the security operations strategy, vision, and roadmap
• Shape the development of the Security Operations (Blue Team) function into a proactive, intelligence-led capability
• Advise executive leadership on cyber risk and security strategy

Threat Detection, Monitoring & Incident Response

• Own threat detection, monitoring, triage, and response across all environments
• Lead incident investigation, containment, eradication, and recovery activities
• Conduct proactive threat hunting and root cause analysis
• Develop and tune detection rules, use cases, and correlation logic
• Maintain and improve Incident Response Plans (IRP) and playbooks
• Establish and lead threat intelligence capability, translating TTPs into detection controls

Security Architecture & Infrastructure

• Architect, harden, and maintain secure configurations across networks, infrastructure, and systems
• Oversee security across Windows, Linux, and virtualised environments
• Manage cloud security posture across multi-cloud environments
• Define and enforce security baselines, policies, and configuration standards
• Support identity and access management (IAM/PAM) frameworks

Vulnerability & Risk Management

• Own the vulnerability management lifecycle from identification to remediation
• Prioritise vulnerabilities based on risk, including Red Team findings
• Coordinate remediation with engineering and infrastructure teams
• Define and report on security posture, risks, and trends

DevSecOps & Engineering Integration

• Embed security into DevOps pipelines through secure-by-design principles
• Implement automation and infrastructure-as-code security controls
• Ensure secure configuration of all exposed platforms and services

Tooling, Vendor & Compliance

• Lead selection, evaluation, and integration of security tooling and vendors
• Own proof-of-concept testing and vendor relationships
• Ensure compliance with frameworks including ISO 27001, PCI-DSS, GDPR, NCSC, TBMS, and TSA
• Support internal and external security audits

Leadership, Mentoring & Collaboration

• Mentor and develop Security Operations team members
• Act as escalation point for complex security issues
• Collaborate with DevOps, infrastructure, compliance, and legal teams
• Contribute to business continuity and disaster recovery planning
• Support non-security operational tasks where required

Person Specification

Personal Qualities

Essential

• Strategic thinker able to balance hands-on engineering with leadership responsibilities
• Calm, composed, and effective under pressure, especially during incident response
• Strong communicator able to translate technical risk into executive-level insight
• Naturally curious with a passion for continuous learning and development
• Collaborative and able to influence across technical and non-technical stakeholders

Knowledge, Skills and Attributes

Essential

• 5+ years’ experience in security operations or cyber defence roles
• Strong hands-on experience with SIEM, EDR/XDR, DLP, MDM, and firewall technologies
• Proven capability in threat detection, investigation, threat hunting, and incident response
• Deep expertise in Microsoft 365 and Azure security (Defender suite, Sentinel, IAM, Conditional Access, MFA)
• Strong networking knowledge (TCP/IP, VPNs, VLANs, NAT)
• Experience administering Windows and Linux environments
• Strong scripting and automation skills (PowerShell, Python, or Bash)
• DevSecOps experience integrating security into CI/CD pipelines

Desirable

• Experience advising executive leadership or board-level stakeholders on cyber risk
• Familiarity with regulatory frameworks (ISO 27001, PCI-DSS, GDPR, NCSC, TBMS, TSA)
• Knowledge of MITRE ATT&CK, adversary TTPs, or purple-team methodologies
• ITIL certification or service management experience

Education and Qualifications

Desirable

• Industry-recognised security certification (e.g. Microsoft Security Engineer, Azure Security Architect, CCSK, CEH or equivalent experience)
• Cyber security fundamentals certification (e.g. Security+, ISO 27001 Foundation or equivalent)

What’s in it for you?

We’ll drive you to push your limits and develop your existing knowledge and skills. We actively promote open-ended learning and hope our people grab these opportunities with both hands. Bonus scheme and recognition awards:

What to expect with a career at plan.com

Our team and technology are driven by one clear vision - to be exceptional.

Established in 2014, plan.com has been revolutionising the mobile industry with its technology-led approach to business communications for over a decade now.

We’re disruptors; we do things a bit differently. We’re innovative, self-motivated, groundbreaking and relentlessly growing. This means we’re constantly on the lookout for talented people who share our passion and dedication to grow with us.

So, if you’re ready for a new challenge, get in touch. We’d love to hear from you.

About plan.com

plan.com was named the fastest growing tech company in the UK by the Sunday Times in the latest Hiscox Tech Track 100 league in 2018, the Second Best Mid-Sized Company to Work For and the Number 1 Best Telecom's Company to Work For in 2021.

From the word go, our focus has been to be disruptive and upset the status quo. It’s our ongoing mission to become THE force to be reckoned with and, with the help of our people and partners, we have dragged business communications kicking and screaming into the 21st Century.

Thanks to our portal, we’ve torn up the rulebook and changed the industry. It gives our partners unprecedented levels of flexibility and control, helping them to delight customers and deliver exceptional service, even when they're away from their desks.

Along with our outstanding customer service and impressive commercials, it’s the reason we’re number one.

Why work on the Isle of Man

Breathtaking natural landscapes, rugged coastlines and rich cultural heritage make the Isle of Man a stunning place to live and work, ranking above almost everywhere else in the British Isles for the lowest crime rates and the cleanest air.

Whether you grew up here or you’re new to the island, a career at plan.com not only provides a fantastic working environment with amazing people and exciting work, but being based on a stunning island ensures that you will find the perfect balance between work, relaxation and adventure.

Our Location

Our state-of-the-art headquarters, No.5 is conveniently located in the heart of town, surrounded by a vibrant array of local eateries and shops, all within a short 2-minute walk. Prepare to immerse yourself in a space that epitomises our values of excellence and passion. From its cutting-edge technology to its captivating and innovative design, every aspect has been carefully curated.