Cyber Security Operations Manager in Leeds

EPUKI is seeking a Cyber Security Operations Manager to join its Cyber Security team. This is an exciting opportunity to help shape the future of a dynamic and innovative company. The purpose of this role is to provide specialist expertise in leading and enhancing our organisation's cyber detect, response, and recover capabilities. The role will take primary responsibility for strengthening security operations, improving incident detection and response processes, and driving maturity in recovery practices. It will also lead a structured maturity improvement plan aligned to regulatory compliance expectations. This role will be a core part of the cyber security team, supporting both day-to-day activity and the team's longer-term strategic objectives. In addition, it will contribute to wider cyber risk responsibilities to help maintain regulatory compliance and strengthen EPUKI's overall cyber resilience as the threat landscape continues to evolve. The role is based in Leeds and operates on a hybrid model, with an expectation of up to three days per week in the office. Travel across the UK and Ireland is expected.

Key Responsibilities

• Supporting the maturity of IT & OT detect, respond, and recover capabilities, collaborating with IT and operational teams to strengthen monitoring, incident handling, and recovery processes in operational environments.
• Working closely with IT teams to ensure security standards and controls are implemented consistently and effectively across all environments.
• Providing oversight of security operations delivered by IT and third party SOC/MDR partners, ensuring effective monitoring, detection, response, performance tracking, and operational coverage.
• Overseeing day-to-day cyber security operations, ensuring effective collaboration across IT, security teams, and external partners.
• Leading security awareness and training initiatives to ensure staff and managers understand cyber risks, responsibilities, and how to recognise and report security incidents.
• Acting as a trusted advisor to the business on cyber risk, controls, and good practice, providing clear and actionable guidance.
• Developing, maintaining, and supporting the implementation of security standards and control requirements for IT and suppliers.
• Managing the cyber supply chain risk, including supplier assurance, cyber due diligence, risk assessments, and ongoing oversight of third party cybersecurity posture.

Skills, Knowledge and Expertise

• Demonstrable experience within a related cyber security role - essential.
• Experience of direct application of industry frameworks and guidance to business processes and decisions - essential.
• Knowledge of the MITRE ATT&CK framework - essential.
• Strong technical security knowledge, including hands-on experience with Microsoft Sentinel for security monitoring, analytics, detection engineering, and incident investigation - essential.
• Awareness of cyber security risk management frameworks, such as ISO27001 or NIST-Cyber Security - desirable.
• Familiarity with cloud security principles and NCSC Secure by Design principles - desirable.
• Knowledge of Network and Information Systems (NIS) regulations and the Cyber Assessment Framework (CAF) - desirable.
• Experience working in a cyber regulated or high assurance sector or operating model - desirable.
• Experience working in a team structure with examples of managing different types of stakeholder relationships - desirable.
• Experience working in an operating model with a broad range of tasking and fast-moving workload timelines - desirable.

Behaviours

• Ability to interpret complex cyber information into actionable decisions and outcomes - essential.
• Excellent communication skills - essential.
• Excellent team player - essential.
• Tasking management - essential.

Qualifications

• CISSP or CISM certified - essential.
• Degree qualified in a relevant field - desirable.

Security Clearance

The successful candidate must be able to achieve and maintain both a Baseline Personnel Security Standard (BPSS) and a Security Check (SC) for this role. Further details are available on the UK Security Vetting Website.