Security Operations Manager

Your new company

A prominent UK-based institution in the higher education sector, this organisation delivers a broad spectrum of undergraduate and postgraduate courses spanning the sciences, business, arts, and humanities. It is well-regarded for its impactful research, international collaborations, and dedication to environmental sustainability. With a dynamic campus life and a diverse student community, it plays a key role in driving local economic growth and fostering innovation through academic and civic engagement.

Your new role

Digital Technology Services plays a vital role in supporting the organisation by delivering centralised IT infrastructure, with a strong emphasis on safeguarding identity access. The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the wider organisation, this role ensures the protection of digital and information assets against a range of internal and external threats. The M365, Identity, and Security functions are central to this position, leading a team of specialist engineers to maintain the secure operation of services and contributing to major projects that impact identity management across the organisation. The post holder also serves as a technical authority within the team and department.

What you'll need to succeed

Security Operations & Incident Response

Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources.
Manage the outsourced 24/7 security operations service.
Lead the organisation's response to security incidents, coordinating recovery efforts with internal teams and vendors.
Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities.
Monitor and analyse performance metrics to support security troubleshooting and continuous improvement.Identity & Access Management

Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs.
Oversee day-to-day monitoring and maintenance of identity services, ensuring reliability and user demand readiness.
Shape and deliver a strategic roadmap for identity services, focusing on automation and proactive improvements.
Investigate and resolve complex identity-related incidents and problems.Strategic Leadership & Collaboration

Act as service/technical manager for the SecOps function, driving improvements in security, performance, and usability.
Build strong partnerships with internal technology teams to embed security into architecture and processes.
Collaborate with senior leadership and DTS teams to identify and address emerging threats.
Represent the organisation in external networks and vendor relationships to share best practices and influence product development.Governance, Risk & Compliance

Ensure technical security risks are documented and managed within the risk register.
Own and manage services/processes in line with ITSM best practices.
Maintain and review operational documentation and processes for effectiveness and efficiency.Continuous Improvement & Innovation

Design and implement long-term security and access management capabilities.
Analyse complex technical data to inform strategy, policy, and decision-making.
Stay informed on internal and external developments, assessing their impact on digital services.Key Requirements

Core Skills

Strong leadership in security and identity technologies, including M365.
Effective prioritisation and problem-solving across complex systems.
Proven experience managing teams and delivering complex projects.
Excellent collaboration and communication across technical and non-technical teams.Qualifications

Degree or equivalent industry certification.
Professional certification in security/identity (e.g. CREST, GIAC).
ITIL Foundation certification.
Incident response certification preferred.Technical Knowledge

Proficient in SIEM, EDR, threat detection, and vulnerability management.
Solid understanding of network security (firewalls, segmentation, IDS/IPS).
Experience with Windows, Mac, Linux environments and security tooling.
Familiarity with public cloud platforms (Azure, OCI) and AHV Hypervisor.Experience

Leading security incident response and recovery.
Managing full lifecycle of security and identity systems.
Operating in large, complex, and 24/7 environments.
Producing clear technical documentation and engaging with stakeholders.

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)