Security Operations Managers Remote with occasional travel to Crawley £850 per day - Outside IR35 6-9 month duration Summary A UK Critical National Infrastructure (CNI) energy operator is appointing two contract Security Operations Managers who will work in lock-step: a Run Lead to steer and mature the live CSIRT Response Function, and a Build Lead to create new, minimum-viable capabilities and hand them into service. Both posts sit under the Cyber Security Response Manager and are driven by the NCSC Cyber Assessment Framework (CAF) and NIST SP 800-61 r3 guidance for incident response. The culture is "good-enough-today, better-tomorrow": short, bullet-point artefacts, daily measurable progress, and rapid decision-making. ________________________________________ Background & Purpose Digital transformation and heightened threat activity place the UK energy sector under sustained pressure to detect and respond quickly. While the existing SOC provides baseline monitoring, it needs stronger governance, clearly defined processes, and fresh capabilities delivered at pace. Close partnership with the Managed Security Services Provider (MSSP) is essential to uplift the service and assure resilience. ________________________________________ Shared Responsibilities - Operate to recognised frameworks - align policies, processes and runbooks to the NCSC CAF objectives for CNI resilience and the incident-handli...