Serco Plc
Cyber Security Operations & CTI Lead

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Cyber Security Operations & CTI Lead
Location: Remote, UK-based
Full Time, Permanent
Band B2 | £77,000 – £90,000 per annum DOE
Overview
Serco is building out its in-house cyber security capability, and this is a rare opportunity to shape it from the ground up. Around 18 months ago we made a long-term commitment to bringing more security expertise in-house — this new role is a key part of that plan.
You'll provide senior technical leadership across Security Operations and Threat Intelligence, ensuring threats are identified, analysed, and translated into action. This is a hands-on technical role: monitoring, threat hunting, detection engineering, and incident response — strengthening how Serco detects and responds to evolving cyber threats. We're a small team with large ambitions, globalising this service, and you'll play a central role in shaping its future.
As part of this you’ll:
- Provide technical leadership across Security Operations — alert triage, investigation, and escalation — and act as senior escalation point for complex investigations
- Design, build, and evolve a new Cyber Threat Intelligence capability, integrating it into SOC workflows, detection logic, and incident response
- Analyse and track threat actors and campaigns, mapping adversary TTPs to MITRE ATT&CK and translating intelligence into detection improvements
- Develop, tune, and optimise detection rules based on threat intelligence and incident learnings
- Lead hypothesis-driven threat hunting, feeding outcomes back into detection engineering
- Lead cyber incidents end-to-end, producing high-quality incident reports with root cause analysis and lessons learned
- Author and maintain incident response playbooks and SOC/CTI processes
- Task-manage a team of analysts day-to-day, with around four direct reports as the function grows
- Participate in an on-call rota supporting incident escalations
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
What you’ll need to do the role:
We're looking for someone who has been there and done it technically — deep, hands-on experience matters more here than a long leadership track record. You'll bring:
- 7+ years' experience in cyber security roles, in-house or within an MSSP
- Strong experience within a SOC environment, including incident response end-to-end
- Proven experience building or integrating a Cyber Threat Intelligence function
- Strong knowledge of SIEM, EDR, and SOAR tooling, and the MITRE ATT&CK framework
- Demonstrated detection engineering and intelligence-led threat hunting experience
- Clear communication skills, technical and non-technical, and the ability to operate under pressure during incidents
You'll need to be eligible for BPSS clearance.
Desirable
- CISSP
- Relevant SANS certifications (e.g. SEC503, FOR572)
- Relevant Microsoft certifications (e.g. SC200)
- Blue Team Level 2 (BTL2)
Why Serco:
Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.
What we offer:
- Company car
- Private healthcare
- Bonus scheme of up to 30%
- Flexible working considered
- Pension – 6%
- Chance to contribute to innovation in the public services
- A company passionate about diversity and inclusion
- Serco discounts which include cinema, Merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.
- A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more.
- A wealth of career development training to suit your future aspirations. These range from role specific training, leadership coaching, formal study and much more to support you to build your career with Serco.
- A safe and supportive culture.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
A little bit about us:
At Serco, everyone plays a vital part in delivering essential public services that make a real difference. As a global team of 50,000 people across Defence, Transport, Justice, Immigration, Healthcare, Leisure and Citizen Services, we’re united by a shared purpose: to improve the services that communities rely on. Guided by our values of Trust, Care, Innovation and Pride, our people make meaningful impact, every single day.
Our inclusive recruitment commitment:
We prioritise your skills and potential. As a Disability Confident Leader, the Top Great British Employer of Veterans 2026, and a Gold Inclusive Employer Standard holder, we champion equal opportunities for all. We offer flexible and hybrid working where possible and make reasonable adjustments throughout recruitment and employment.
Guaranteed Interview Scheme: Applicants with disabilities, veterans and people with convictions, who meet the minimum job criteria, are guaranteed an interview. Simply opt into the relevant scheme on the application form.
Ban The Box: We also support fair access for those with unspent criminal convictions through our ‘Ban the Box’ pledge (some roles may have security exemptions).
For support with your application, please contact recruitmentuk@serco.com.ddatjobs
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location