Salary: £75,000 - 75,000 per year Requirements: Experience managing a SOC or security operations function within a complex enterprise environment. Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling. Knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls. Demonstrated expertise in incident response and threat management. Experience working in hybrid cloud environments (Azure, AWS, or GCP). Responsibilities: Lead and manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review. Coordinate major incident management with IT Infrastructure, Cloud, and Business teams. Ensure lessons learned are captured and drive meaningful improvement. Oversee the vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks. Partner with asset owners to ensure patches, configuration hardening, and remediation actions are completed. Support risk assessment processes and provide input to security governance and compliance teams. Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms. Drive automation initiatives using SOAR to improve response speed and reduce operational workload. Maintain robust coverage across cloud, on premise, network, and endpoint environments. Build capability through training, certifications, and knowledge-sharing programmes. Work with technology, business, and leadership teams to communicate risks, incidents, and security posture. Support audits, regulatory assessments, and customer assurance activities. Technologies: AWS Azure Cloud GCP Support Network Security More: We are excited to introduce a brand-new role for a Cyber Security Operations Manager based in Liverpool City Centre, offering a hybrid working arrangement. With a competitive salary of up to £75,000 per annum depending on experience, this permanent, full-time position involves 37.5 hours of work each week. At Acorn, we pride ourselves on our 40 years of specialist insurance expertise, and as part of our team of over 1,700 employees across the UK, you will thrive in a culture dedicated to customer success, innovation, and personal growth. We provide extensive benefits, including 35 days holiday, mental health support, flexible working options, and recognition awards. last updated 14 week of 2026