Security Operations Manager

Job

Location:

Birmingham : 1 Trinity Park :
Bi

Position Category:
Information Technology

Position Type:
Employee Regular

The Security Operations Manager is responsible for building, operating, and continually advancing LRQA’s corporate cyber defence capability in an environment where attackers move fast and automation matters. You will lead a high‑performing internal Security Operations team while overseeing a 24×7 outsourced SOC and Incident Response provider. This is a hands‑on operational management role where you will combine threat‑informed detection engineering, incident response coordination, vulnerability management, and AI‑assisted defence.

Working closely with IT and senior leadership, you will lead LRQA’s Cyber Security Analysts, drive the adoption of AI tooling to elevate detection quality, investigation speed, and response outcomes.

• Design, mature, and scale LRQA’s detection and response capabilities across endpoints, identity, cloud, and network environments.
• Own and continuously improve alert logic, response playbooks, escalation workflows, and post‑incident review processes.
• Ensure threats are detected, triaged, contained, and remediated quickly and consistently.
• Lead incident response during major security events—coordinating internal teams and managing third‑party IR resources where required.

• Manage and mentor a team of internal Cyber Security Analysts.
• Provide technical direction, operational structure, coaching, and performance development.
• Build analyst capability, with a focus on modern detection engineering and AI‑assisted investigation techniques.

• Oversee a 24×7 third‑party SOC and IR provider as LRQA’s operational extension.
• Define and enforce SLAs, KPIs, and escalation procedures.
• Conduct regular service reviews to ensure high‑quality detections, effective response actions, and continual improvement.
• Be the primary point of accountability for all outsourced SOC and IR outcomes.

• Drive adoption of AI‑enabled security tooling across detection, investigation, and response workflows.
• Integrate AI outputs into detection engineering and decision‑making, to enhance the team's capability.
• Establish guardrails to ensure AI recommendations remain explainable, accurate, and aligned to LRQA’s security standards.

• Own and drive LRQA’s vulnerability management programme, ensuring timely identification, prioritisation, and remediation of weaknesses across endpoints, cloud services, identity systems, and networks.
• Collaborate with IT, engineering, and cloud teams to ensure remediation activities are tracked, risk‑aligned, and completed within agreed SLAs.
• Use innovative methods to enhance vulnerability prioritisation, exploit‑likelihood assessment, and risk scoring.
• Integrate vulnerability intelligence into detection engineering and threat‑modelling activities to strengthen LRQA’s overall defensive posture.
• Provide clear reporting on vulnerability trends, remediation progress, and systemic risk to senior security leadership.

• Define, track, and maintain operational metrics such as MTTD, MTTR, alert fidelity, and incident trends.
• Provide clear, actionable reporting to senior security leadership.
• Use data‑driven insights to prioritise improvements, influence tooling investment, and strengthen operational resilience.

• Partner with IT, Cloud, Engineering, and Risk teams to remediate vulnerabilities and reduce systemic security risk.
• Support compliance, audit, and regulatory enquiries relating to security operations.

• Experience leading Security Operations, SOC, or incident response teams.
• Strong understanding of detection engineering, incident response lifecycle, and modern security monitoring technologies.
• Proven track record managing third‑party SOC and IR service providers.
• Familiarity with AI‑assisted security tools.
• Strong leadership, communication, and vendor management skills.

• Experience operating in hybrid or cloud‑first…