The Role
Serve as the customer's technical owner and trusted advisor for security services. Quantify security maturity, build a defensible 12-month technical roadmap, deliver QBR technical content, provide reactive ticketed support and proactive improvement, create technical deliverables (playbooks, analytics, dashboards), advise on defensive security gaps, and maintain evolving threat overviews.
Summary Generated by Built In
The TAM is the customer's technical owner for the service and the expert voice in the relationship. They quantify the customer's security maturity through the TAM Score framework, build and steer a defensible 12-month technical roadmap, and provide the depth of Microsoft Azure Sentinel/Defender XDR expertise needed to advise credibly on priorities. TAMs translate data into narrative - interpreting scores, surfacing the highest-leverage gaps, and guiding customers toward measurable improvement quarter by quarter. They act as a technical buffer between customers and internal operational teams by resolving technical queries, advising on improvements, and ensuring issues are properly packaged when escalation is required.
Key Responsibilities
- Own the technical relationship: understand the customer environment end-to-end, maintain technical context, and operate as the trusted advisor in the partnership.
- Own the TAM Score narrative: interpret Environment, SOC, and Health scores into a credible story about where the customer stands and where to focus next - accountable for the quality of the diagnosis and recommendations, not the absolute score.
- Build and maintain the 12-month technical roadmap: anchored to the TAM Score, with defined quarterly focus areas tied to the highest-leverage gaps.
- Deliver the TAM/technical portion of Quarterly Business Reviews: present the score, narrate progress, and align with customer stakeholders up to CISO/senior IT leadership.
- Deliver reactive technical support via tickets (troubleshooting, investigation support, remediation guidance).
- Deliver proactive technical expertise and drive continuous improvement (Tier A included): posture and coverage advisory, tuning/noise reduction, cost/retention optimisation, automation uplift.
- Own technical deliverables: automation/playbooks where in scope, custom analytics and workbooks.
- Drive the operational health-check catalogue as scheduled workstreams within the roadmap.
- Advise on Defensive Breadth gaps (pentest cadence, IR retainer, EASM, DLP, tabletops, etc) - surfacing risk credibly and identifying where NCC services can close the gap.
- Maintain and refresh the threat overview as the customer's environment and threat landscape evolve.
Key Requirements
- Proven experience in cybersecurity, IT operations, or managed security services (3–7+ years)
- Background in a customer-facing technical role (e.g. TAM, Security Consultant)
- Experience engaging senior stakeholders (CISO, Head of IT/Security)
- Strong understanding of SOC operations, threat detection, and incident response
- Ability to understand end-to-end customer environments (cloud, infrastructure, security stack)
- Experience with security tools (e.g. SIEM, EDR, SOAR, DLP, vulnerability management)
- Able to interpret and translate security metrics into clear risk-based narratives
- Proven ability to build and maintain 12-month technical roadmaps with quarterly focus
- Strong skills in data analysis, prioritisation, and identifying high-impact improvements
- Experience delivering Quarterly Business Reviews (QBRs) to senior audiences
- Ability to act as a trusted advisor, owning the technical customer relationship
- Experience balancing reactive support (tickets, troubleshooting) and proactive improvement
- Capability to deliver continuous improvement initiatives (tuning, optimisation, automation)
- Experience creating technical deliverables (playbooks, dashboards, analytics, reports)
- Knowledge of defensive security domains (pentest, IR, EASM, DLP, tabletop exercises)
- Ability to identify security gaps and align solutions/services to mitigate risk
- Strong communication and storytelling skills, adapting for technical and non-technical audiences
- Familiarity with service management practices (e.g. ITIL, ticketing systems)
- Relevant certifications (e.g. CISSP, CISM, Security+, cloud security) – desirable
- Proactive, accountable, and customer-focused mindset with strong ownership
Job Benefits
- Flexible Working: Balance your work and personal life with our flexible working options.
- Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
- Medicash & Critical Illness Scheme
- Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
- Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
- Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
- Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
- Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
- Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
About
We assess, develop and manage cyber threats across our increasingly connected society. We advise global technology, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe.With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
Skills Required
- Proven experience in cybersecurity, IT operations, or managed security services (3-7+ years)
- Background in a customer-facing technical role (e.g. TAM, Security Consultant)
- Experience engaging senior stakeholders (CISO, Head of IT/Security)
- Strong understanding of SOC operations, threat detection, and incident response
- Ability to understand end-to-end customer environments (cloud, infrastructure, security stack)
- Experience with security tools (SIEM, EDR, SOAR, DLP, vulnerability management)
- Ability to interpret and translate security metrics into clear risk-based narratives
- Proven ability to build and maintain 12-month technical roadmaps with quarterly focus
- Strong skills in data analysis, prioritisation, and identifying high-impact improvements
- Experience delivering Quarterly Business Reviews (QBRs) to senior audiences
- Ability to act as a trusted advisor, owning the technical customer relationship
- Experience balancing reactive support (tickets, troubleshooting) and proactive improvement
- Capability to deliver continuous improvement initiatives (tuning, optimisation, automation)
- Experience creating technical deliverables (playbooks, dashboards, analytics, reports)
- Knowledge of defensive security domains (pentest, IR, EASM, DLP, tabletop exercises)
- Ability to identify security gaps and align solutions/services to mitigate risk
- Strong communication and storytelling skills, adapting for technical and non-technical audiences
- Familiarity with service management practices (e.g. ITIL, ticketing systems)
- Relevant certifications (e.g. CISSP, CISM, Security+, cloud security)
- Proactive, accountable, and customer-focused mindset with strong ownership
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
NCC Group is a global cyber security and resilience company that helps organizations manage risk, strengthen resilience, and build trust. They provide services in cyber security consulting, managed services, technical assurance, and software escrow.
