About usAt TCC Global, we create innovative loyalty
marketing solutions that drive customer engagement and enhance
brand loyalty for some of the world's leading retailers. We are
passionate about delivering outstanding results through
well-executed campaigns, strong client partnerships, and seamless
operations. TCC || Building customer loyaltyThe Cybersecurity
Engineering Lead will ensure the secure configuration and operation
of our IT and cloud environments. This role spans across on-premise
infrastructure, Windows/Linux endpoints, and cloud platforms (IaaS,
PaaS, SaaS) such as Salesforce, Azure, and Microsoft 365, including
identity services and end-user devices. As the primary point of
contact for security-related matters, the person will manage our
external SOC, oversee patch and vulnerability management,
coordinate penetration tests, and lead the operation of the
Microsoft Defender XDR suite including Sentinel. It will also play
a key role in incident handling and serve as deputy to the Security
Manager in their absence.Role and ResponsibilitiesYou will be
responsible for balancing day to day activities and projects,
including the following:Oversee the secure configuration and
operation of on-premises systems, endpoints, and cloud
environments, including platforms such as Microsoft Azure,
Microsoft 365 and Salesforce.Act as the primary point of contact
for all internal and external security-related inquiries.Manage and
coordinate with the external Security Operations Center ensuring
comprehensive monitoring and timely response to potential
threats.Support the Security Management team in the development,
validation, and ongoing improvement of security playbooks, ensuring
processes remain up to date with evolving threats.Take an active
role in incident response efforts, leading the detection,
investigation, and remediation of security incidents. For example,
this includes organising post-incident reviews and reporting on
root-cause analysis.Lead patch management processes, ensuring that
critical vulnerabilities are identified and remediated within
agreed service-level timelines.Manage externally conducted
penetration testing activities, including planning, oversight, and
tracking remediation of findings to closure.Administer and operate
the Microsoft Defender XDR suite, including Microsoft Sentinel, to
maintain effective threat detection and response
capabilities.Provide security expertise and guidance to IT and
business teams, and act as a deputy for the Security Manager when
required.Collaborate with IT and business units to drive ongoing
security awareness initiatives and continuous improvement of
security processes, fostering a culture of proactive risk
management across the organisation.Stakeholders who will form part
of your essential NetworkExternal: External SOC and security
solution providers, auditorsInternal: IT Security Management, IT
Engineering and ApplicationsKnowledge, Skills & ExperienceThe
technical requirements to do the job and the qualities we value in
all our peopleWith previous experience as an IT Operations lead or
Engineer (ideally 5 years of relevant experience), together
with:Extensive experience in cybersecurity operations, preferably
in a senior or lead position, demonstrating hands-on technical
proficiency and leadership.Deep understanding of endpoint security
for both Windows and Linux environments, coupled with expertise in
securing cloud platforms such as Azure, M365, and Salesforce, as
well as traditional on-premise infrastructure and networks.Proven
skills in administering Microsoft Defender XDR and Sentinel to
ensure robust threat detection and response.Comprehensive knowledge
of incident response processes and the development of practical,
effective playbooks.Strong background in coordinating with external
SOC teams and overseeing penetration testing engagements, from
planning through to closure of findings.Excellent interpersonal and
communication skills, with a track record of acting as a trusted
advisor to both technical and non-technical stakeholders.A Flexible
and collaborative mindset and the ability to foster productive
relationships across IT, business, and leadership teams, supporting
a proactive and security-aware culture.Certifications such as
CISSP, CISM, GIAC, AZ-500, or MS-500.Experience working with
compliance and security frameworks (e.g., ISO 27001, NIST,
GDPR).Core ValuesRespect: Treat others the way they would like to
be treated.Truth: Honest and open always, learning from successes
& mistakes.Collaborate: Making us smarter and better as one
team.Care: About tcc, our future, our colleagues, our clients, our
community.