Security Operations Manager

  • Location:

    Bristol, England

  • Salary:

    £60000 - £70000 per annum + Company Benefits

  • Contact:

    Tom McParland

  • Published:

    10 months ago

Security Operations Manager

Based in Bristol

Flexible working from home/office

The Opportunity

The successful candidate will be responsible for planning, directing and controlling the SOC functions and operations. They will ensure the monitoring and analysis of incidents to protect People, Technology and Process, addressing all security incidents and ensuring timely escalation. They will also direct the Cyber Intelligence capability to identify potential threats, delivering strategic reports and strategies to minimise the impact of the threat.


  • Leading and managing the Security Operations and team of security operational staff members

  • Primarily responsible for directing security event monitoring, management and response and cyber intelligence

  • Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring

  • Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives

  • Revising and developing processes to strengthen the current Security Operations Framework, reviewing policies and highlighting the challenges in managing SLAs

  • Responsible for initiation of corrective action where required for Security Operations Centre

  • Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness

  • Ensuring threat management and threat modelling, identifying threat vectors and developing use cases for security monitoring

  • Creation of reports, dashboards and metrics for SOC operations to support presentations to senior management

  • Act as the primary focal point for potential Security Incident escalation during a major incident/crisis situation in conjunction with Head of Cyber Operations

  • Provide direct line management, coaching and mentoring for ARCHANGEL™ Analysts engaged in monitoring, alerting and incident handling

  • Maintain Operational 'best practice' within the SOC, promoting a standing high-degree of professional attention to detail for all outputs generated in the course of ARCHANGEL™ SOC normal business

  • Establish strong and sustainable working and sharing relationships with internal Stakeholders and Customers for operational reporting and Incident Handling

  • Maintain a broad and current understanding of evolving threats and vulnerabilities to ensure the integrity of monitored networks is maintained in conjunction with the CIRT

  • Provide SME input into ARCHANGEL™ business development opportunities as required in order to help define potential improvements to Service

What we are looking for

  • Demonstrable track record within Cyber Security Operations, including Security Monitoring, Incident Handling, Incident Response and Threat Intelligence

  • SIEM and IDS experience

  • Be able to be cleared to UK SC.

  • In-depth understanding of Cyber Security and Information Governance (ISO27001, NIST CSF)

  • Experience of working within technically complex environments or on a project with multiple participants.

  • Ability to assimilate information, take decisions and communicate to stakeholders.

  • Ideally CISSP or CISM

  • Proven experience of general technology infrastructure technologies and principles

  • Strong leadership qualities and experience

  • Finger on the pulse with the latest developing trends in cyber-attack techniques, cyber kill chain, and effective compensating mitigation and detection controls

  • Knowledge and understanding of up-to-date security threats and common exploits

  • Understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory

  • Knowledge and experience working with security tools used to monitor business environments (SIEM, netflow, IDS/IPS, Vulnerability Management, Advanced malware detection, EDR, AntiVirus etc).

  • Operational knowledge of Service Level Agreements (SLAs) and their delivery.

  • Understanding of technical trends within the ICT or cyber security industry and how modern technology can be harnessed to enhance the delivery of services.