Cyber Security Operations Manager in Liverpool

Acorn Insurance are looking to recruit a brand-new role as a Cyber Security Operations Manager. The Cyber Security Operations Manager will lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance and Risk teams, the manager ensures that security operations are proactive, resilient, and aligned with business needs.

Salary: Up to £75,000 Depending on experience
Working Hours: 37.5 hours per week, Monday to Friday
Location: Liverpool City Centre on a Hybrid working basis

Key Role Responsibilities

• Lead and manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage.
• Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection.
• Develop and maintain operational procedures, playbooks, and response frameworks.
• Direct the full incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review.
• Coordinate major incident management with IT Infrastructure, Cloud, and Business teams.
• Ensure lessons learned are captured and drive meaningful improvement.
• Oversee the vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks.
• Partner with asset owners to ensure patches, configuration hardening, and remediation actions are completed.
• Support risk assessment processes and provide input to security governance and compliance teams.
• Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms.
• Drive automation initiatives using SOAR to improve response speed and reduce operational workload.
• Maintain robust coverage across cloud, on-premise, network, and endpoint environments.
• Lead, mentor, and develop cyber engineers and analysts.
• Build capability through training, certifications, and knowledge-sharing programmes.
• Foster a culture of continuous improvement, collaboration, and high performance.
• Work with technology, business, and leadership teams to communicate risks, incidents, and security posture.
• Provide reporting on KPIs, threat trends, operational performance, and compliance metrics.
• Support audits, regulatory assessments, and customer assurance activities.

Critical Competencies

• Proven experience managing a SOC or security operations function within a complex enterprise environment.
• Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling.
• Deep knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls.
• Demonstrated expertise in incident response and threat management.
• Experience working in hybrid cloud environments (Azure, AWS, or GCP).
• Strong leadership, communication, and stakeholder management skills.
• Any security certification would be an advantage.

Benefits

• A maximum of 35 days' holiday (depending on role and tenure) including bank holidays, with additional buy/sell options.
• 24/7 mental health support & free counselling available.
• Flexible benefits, including early access to salary via our internal platform.
• Hybrid working options to support work-life balance and individual needs.
• Recognition awards, social events & more.

Our Commitment to our Colleagues

• Mindful Employer - championing mental health and wellbeing.
• Disability Confident Level 1 & 2 - creating accessible, inclusive opportunities.
• Menopause Friendly accredited - supporting every stage of life.
• Armed Forces Covenant signatory - honouring those who serve.
• Great Places to Work 2024/25 - fostering an engaging and positive workplace culture.

A Few Things to Know Before You Apply

If your application is successful, we will commence relevant employment checks prior to you commencing employment with us. These will include a standard criminal record check and an insolvency register check.

Visa Requirements

Because our training is quite comprehensive, we can only consider applicants who have at least one year remaining on their Graduate or Post-Study Work visa. At the moment, we’re not able to offer visa sponsorship.

We’re Here to Support You

We’re committed to creating an inclusive, supportive workplace where everyone can flourish. If you need any adjustments during the recruitment process-or once you’re part of the team-just let us know. Whether it’s flexible hours, adapted equipment, or a bit of extra support, we’ll work with you to make sure you can do your best work.