Cyber Security Operations Manager

About the role

This senior position sits within a central cyber function of a major regulated organisation. You will own and improve security operations across detection, response and recovery, working closely with internal IT teams, business stakeholders and external partners.

Key responsibilities

• Lead day‑to‑day cyber security operations and collaborate with internal IT, security stakeholders and external partners.
• Provide oversight of security services delivered by internal teams and third‑party SOC/MDR providers, ensuring effective monitoring, detection and response.
• Strengthen incident detection and response capabilities, including playbooks, frameworks, exercises and support during high‑impact incidents.
• Enhance security monitoring, threat hunting and investigations using SIEM, EDR, XDR and threat‑intelligence sources.
• Support maturity of both IT and operational‑technology detect, respond and recover capabilities.
• Act as a trusted advisor on cyber risk, security controls and best practices.
• Drive supplier cyber‑assurance activities, including due diligence, risk assessments and ongoing oversight.
• Maintain and improve security standards, control requirements, dashboards and reporting for decision‑making and regulatory compliance.
• Support cyber‑awareness initiatives to help staff and leaders recognise and report risks.

Required profile

• Proven experience in a cyber security role with a strong focus on security operations, incident response and cyber resilience.
• Hands‑on experience with modern security‑operations tooling, especially Microsoft Sentinel.
• Familiarity with recognised frameworks such as MITRE ATT&CK and knowledge of ISO 27001, NIST, NIS or CAF.
• Confidence working across internal teams and third‑party providers.

Required skills

• Microsoft Sentinel
• SIEM
• EDR
• XDR
• Threat intelligence platforms
• MITRE ATT&CK
• ISO 27001
• NIST framework
• NIS/CAF compliance

What we offer

• Competitive salary up to £80,000 plus bonus
• Hybrid working model (1‑2 days onsite in Leeds)
• Opportunity to shape cyber‑security maturity in a high‑visibility environment