Overview

A leading professional services firm is seeking a Senior Manager or Associate Director to join its growing Cyber Security Operations team. This high-impact role focuses on the strategy, design, and continuous improvement of next-generation detection and response capabilities for a diverse portfolio of clients. The ideal candidate will bridge business-level consulting with technical depth in security operations, helping shape operating models, design architectures, and steer tooling strategies to meet evolving threat landscapes.

Key Responsibilities

• Define and guide the strategic direction of cyber detection and response capabilities across client organisations.
• Design and evolve operating models, technical architectures, and service catalogues for modern Security Operations Centres (SOCs).
• Lead the development and implementation of migration strategies and operating procedures.
• Translate business risk into actionable security processes and tooling requirements.
• Oversee and optimise processes for threat detection, investigation, and response.
• Collaborate with Engineers, Architects, and Threat Hunters to review dashboards, analyse telemetry, and drive improvements in security visibility.

Skills & Experience Required

• Demonstrated experience in cyber operations, detection & response, or building and running modern SOCs.
• Strong understanding of Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) platforms (e.g. Google SecOps, Chronicle, Siemplify).
• Proven experience in solution design, including development of HLD/LLD documentation and architectural blueprints.
• Familiarity with architecture frameworks (e.g. TOGAF) and delivery models (Agile, DevOps, Kanban).
• Strong technical understanding of cloud environments across hyperscalers (AWS, Azure, GCP), ideally holding a Professional Cloud Architect certification or equivalent.
• Solid grasp of the modern threat landscape, malware behaviour, and detection approaches.
• Strong communication and presentation skills; able to clearly explain technical risks and security concepts to non-technical stakeholders.
• Experience managing cross-functional teams (5-15 people), across different locations and levels of experience.

Desirable Qualifications

• Previous consulting experience or working with enterprise clients.
• Relevant industry certifications (e.g. CISSP, CISM, GCIH, GCIA, Microsoft Security, or other SANS/GIAC accreditations).
• Experience with DevOps tooling (e.g. Git, Azure DevOps, Jenkins, Kubernetes, Ansible).
• Knowledge of role-based access control (RBAC) and modern access governance principles.

Remote, Hybrid Working & Flexibility

This role supports a remote or hybrid working model.