Cyber Security Operations Manager
Salary: Up to £75,000 depending on experience.
Working Hours: 37.5 hours per week, Monday to Friday.
Location: Liverpool City Centre on a Hybrid working basis.
Key Role Responsibilities
* Lead and manage the daily operations of the internal Security Operations team and the primary relationship with any outsourced SOC solution, ensuring 24/7 monitoring and response coverage.
* Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection.
* Develop and maintain operational procedures, playbooks, and response frameworks.
* Direct the full incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review.
* Coordinate major incident management with IT Infrastructure, Cloud, and Business teams.
* Ensure lessons learned are captured and drive meaningful improvement.
* Oversee the vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks.
* Partner with asset owners to ensure patches, configuration hardening, and remediation actions are completed.
* Support risk assessment processes and provide input to security governance and compliance teams.
* Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms.
* Drive automation initiatives using SOAR to improve response speed and reduce operational workload.
* Maintain robust coverage across cloud, on‑premise, network, and endpoint environments.
* Lead, mentor, and develop cyber engineers and analysts.
* Build capability through training, certifications, and knowledge-sharing programmes.
* Foster a culture of continuous improvement, collaboration, and high performance.
* Work with technology, business, and leadership teams to communicate risks, incidents, and security posture.
* Provide reporting on KPIs, threat trends, operational performance, and compliance metrics.
* Support audits, regulatory assessments, and customer assurance activities.
Qualifications
* Proven experience managing a SOC or security operations function within a complex enterprise environment.
* Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud‑native security tooling.
* Deep knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls.
* Demonstrated expertise in incident response and threat management.
* Experience working in hybrid cloud environments (Azure, AWS, or GCP).
* Strong leadership, communication, and stakeholder management skills.
* Any security certification would be an advantage.
Benefits
* A maximum of 35 days’ holiday (depending on role and tenure) including bank holidays, with additional buy/sell options.
* 24/7 mental health support & free counseling available.
* Flexible benefits, including early access to salary via our internal platform.
* Hybrid working options to support work‑life balance and individual needs.