Security Operations Manager

Cyber Defence Lead

London – Hybrid – Monthly overseas travel

Outside IR35 - £550

We’re seeking a Cyber Defence Lead to take ownership of how cyber defence operates end-to-end — defining the model, improving maturity, and ensuring the organisation can reliably detect, respond to, and learn from security threats.

This role is about building capability, not just running tools. You’ll shape how the SOC functions today, how it improves over time, and how it integrates with the wider technology and risk landscape.

The role

As Cyber Defence Lead, you’ll be accountable for defining how security operations work in practice — from detection and investigation through to response, recovery, and continuous improvement. You’ll set standards, introduce structure, and ensure the capability is measurable, repeatable, and ready to stand up to regulatory scrutiny.

Key responsibilities

  • Define and evolve the cyber defence operating model, covering detection, investigation, response, and escalation
  • Build and mature operational playbooks, workflows, and runbooks to improve consistency and speed of response
  • Shape the use of SIEM, SOAR, EDR, and threat intelligence to improve signal quality and reduce manual effort
  • Establish and track meaningful operational metrics (e.g. detection coverage, MTTR, alert quality) to demonstrate effectiveness and guide investment
  • Ensure incident response readiness, including training, exercising, and post-incident learning
  • Coordinate across IT, engineering, risk, and compliance to embed security operations into day-to-day ways of working
  • Own the cyber defence capability roadmap, setting out how operations will mature over the next 6–24 months
  • Support assurance and regulatory expectations by ensuring operations are evidence-ready and well-governed

What we’re looking for

  • Strong experience leading or maturing Security Operations / Cyber Defence capabilities
  • Practical understanding of SOC operations, detection engineering, and response processes
  • Confidence working in regulated environments, with an appreciation for audit and assurance requirements
  • Experience designing operational processes and governance, not just implementing tools
  • Able to influence senior stakeholders and drive change across multiple teams
  • Comfortable balancing strategic direction with hands-on operational detail

What success looks like

  • A clearly defined and adopted cyber defence capability
  • Faster, more consistent, and more effective security response
  • Operations that are measurable, repeatable, and trusted
  • A clear roadmap for ongoing maturity and improvement
Apply Now
Apply Now

Job Details

Company
LT Harper - Cyber Security Recruitment
Location
City of London, London, United Kingdom
Posted