Detection & Response Manager


Time Type

Full time


Competitive Salary


Amazing Benefits

Close Date


Area of Business

Cyber Security


Hammersmith - Griffin House Hammersmith Road

Job ID 00030992

About the role

Detection and Response Engineering Manager

The opportunity:
At Virgin Media O2, we are not yesterday’s IT department and yesterday’s Security function, we're Digital! The world around us keeps changing and so do we. We’re redefining what it means to be a tech company with a mindset centred on transformation, experience, AI-driven automation, innovation, and growth. We’re all about delivering delightful, secure customer and employee experiences that accelerate VMO2’s journey to become the defining digital telecom of the 21st century.

Digital Security and Resilience is responsible for the security, reliability, observability, and operability of our platforms. We are fundamentally forward-thinking, enthusiastic problem solvers. People who thrive in our team are those who love a challenge, constantly evaluate and question. We are aiming for zero manual processes, strong software engineering proficiency, and zero touch security.

The role holder is an extraordinary Security Engineer who is passionate about security incident detection and response in in a fast-paced and high velocity environment where both individual drive and team collaboration are the keys to success. A technical hands-on role focused on a hybrid multi cloud security across all of Virgin Media O2. You’ll be working to identify problems, establish a vision for how to address those problems, and unite the relevant owners within the business on achieving that vision!

What will you do?
This role is focused on driving Excellence and Speed of Security Detection and Response across Virgin Media O2 digital estate and platforms, with specific responsibilities including:

1. Lead and prioritize security engineering projects for Threat Detection & Response mission areas
2. Represent Threat Detection & Response as part of global security projects
3. Lead digital forensics engineering and purple team programs
4. Lead critical asset monitoring projects
5. Leverage strong understanding of DFIR, Threat Detection, and Threat Intelligence to provide functional technical contributions to projects and vision for team capabilities
6. Contribute to strategic direction for threat intelligence, detection, prevention, forensics, incident response, and reverse engineering capabilities
7. Partner with risk, engineering, operations, architecture, and other teams to improve VMO2’s defence posture
8. Provide security/threat assessment support to higher-risk activities
9. Assist in developing support for crisis management and response
10. Provide leadership and guidance to the team and squads during incidents
11. Establish and maintain performance metrics for quality and completeness of security capabilities and to measure improvements over time
12. Provide briefings to business, management, and technical audiences
13. Mentorship of junior engineers and technical leaders.

Key Qualifications:
To be successful, you must have:

1. Deep technical expertise in threat intelligence and hunting, incident detection at scale, and creating effective incident containment and response practices, coupled with a broad understanding of the security and information technology landscape
2. The ability to influence without authority, innovate to tackle tough problems, and communicate clearly to all levels of the organisation
3. Significant technical depth in security incident detection and response:
o Deep understanding of attack models (such as MITRE’s ATT&CK framework), and experience applying them in large-scale enterprise environments
o Deep understanding of information security intelligence and threat-hunting,
preferably with hands-on experience deploying an activity-based intelligence (ABI) model
o Hands-on experience in creating and deploying the instrumentation and data capturing capabilities to ensure visibility in large-scale, heterogenous deployments
o Practical application of detection and response methodologies in a variety of environment types, including on premises, private cloud, and public cloud providers
4. Hands-on experience with effective incident response and containment practices
5. Fluency in building and deploying software using modern engineering practice
6. Fluency in at least one programming language, preferably multiple
7. Familiarity with the application of Machine Learning in a security context, including its capabilities and limitations
8. A broad base of technical knowledge spanning many of the fields of information
9. Experience delivering results in a software or platform environment, ideally from a position of little or no direct authority and efforts that span teams or organizations
10. You must be able to target your communications to the audience, whether technical or not, whether an executive or a front-line individual

What's in it for you?
We know that benefits mean so much more than the 'stuff' we can give you, so we offer a wide range of support, rewards and tools - we're passionate about helping you to prioritise what really matters.

All work and no play just isn't our style! We're already planning our future ways of working, for when life becomes a little more normal again. We're always evolving our approach to enable you to find an excellent work life balance.

If you go on to be successful in your application, some of the many benefits include:
•    An annual bonus of up to 15%, based on company and personal performance.
•    25 days' annual leave, plus UK bank holidays.
•    Access to wellbeing benefits such as the Unmind App, personal medical cover (which you can opt to upgrade to cover loved ones) and critical illness cover.
•    Your birthday off, to treat yourself.
•    The option to buy and sell up to 5 days leave, to suit your personal needs.

Next Steps:
If you think you've got some outstanding skills to offer us, and Virgin Media feels like a place where you can belong, we'd love to learn more about you.

When you apply, you'll be asked about any adjustments you might need to support the recruitment process. Let us know, and we'll be sure to discuss it with you.

Thanks for your patience in the meantime and for showing an interest in joining the Virgin Media family.

Job Location

Explore more

Connect to better