Cyber Security Operations Manager in Liverpool

Acorn Insurance are looking to recruit a brand-new role as a Cyber Security Operations Manager. The Cyber Security Operations Manager will lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance and Risk teams, the manager ensures that security operations are proactive, resilient, and aligned with business needs.

Job Details

• Salary: Up to £75,000 Depending on experience
• Working Hours: 37.5 hours per week, Monday to Friday
• Location: Liverpool City Centre on a Hybrid working basis

Key Role Responsibilities

• Lead and manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage.
• Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection.
• Develop and maintain operational procedures, playbooks, and response frameworks.
• Direct the full incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review.
• Coordinate major incident management with IT Infrastructure, Cloud, and Business teams.
• Ensure lessons learned are captured and drive meaningful improvement.
• Oversee the vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks.
• Partner with asset owners to ensure patches, configuration hardening, and remediation actions are completed.
• Support risk assessment processes and provide input to security governance and compliance teams.
• Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms.
• Drive automation initiatives using SOAR to improve response speed and reduce operational workload.
• Maintain robust coverage across cloud, on-premise, network, and endpoint environments.
• Lead, mentor, and develop cyber engineers and analysts.
• Build capability through training, certifications, and knowledge-sharing programmes.
• Foster a culture of continuous improvement, collaboration, and high performance.
• Work with technology, business, and leadership teams to communicate risks, incidents, and security posture.
• Provide reporting on KPIs, threat trends, operational performance, and compliance metrics.
• Support audits, regulatory assessments, and customer assurance activities.

Critical Competencies

• Proven experience managing a SOC or security operations function within a complex enterprise environment.
• Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling.
• Deep knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls.
• Demonstrated expertise in incident response and threat management.
• Experience working in hybrid cloud environments (Azure, AWS, or GCP).
• Strong leadership, communication, and stakeholder management skills.
• Any security certification would be an advantage.

Benefits

• 35 days' holiday (including bank holidays) with additional buy/sell options
• 24/7 mental health support & free counselling available
• Flexible benefits, including early access to salary via our internal platform
• Hybrid working options to support work-life balance and individual needs
• Recognition awards, social events & more

We're committed to creating an inclusive, supportive workplace where everyone can flourish. If you need any adjustments during the recruitment process—or once you're part of the team—just let us know.