Cyber Security Operations Manager

At The Institute of Chartered Accountants England & Wales (ICAEW), you'll be part of an organisation that is shaping the future of business, finance and the accountancy profession on a global scale. Our bold 2030 Strategy puts members, innovation, sustainability and trust at the heart of everything we do; creating an exciting, forward‑looking environment where your work has real impact. We invest in our people through our benefits package, continuous development and a supportive, inclusive culture that empowers you to grow and thrive. If you're looking for a role with purpose, influence and opportunity, ICAEW is a place where your future can truly take shape.

We're looking for a Security Engineering Lead to join our team in Milton Keynes on a permanent basis. This role offers a salary of £72,000 - £82,000 and a hybrid working pattern of 2 days in the office.

What you will be doing:

• Implement and maintain security technologies including SIEM, endpoint protection, identity security, and vulnerability management tools.
• Configure and optimise security platforms to ensure effective monitoring and protection.
• Develop and maintain log ingestion pipelines and security telemetry across infrastructure and applications.
• Integrate security tools into cloud and on‑premise environments.
• Develop and tune detection rules to identify suspicious activity across networks, systems, and user behaviour.
• Map detection logic to the MITRE ATT&CK framework.
• Monitor security alerts and investigate anomalies or potential threats.
• Improve detection coverage through log enrichment and behavioural analysis.
• Support security incident investigations including triage, analysis, and remediation activities.
• Analyse logs, endpoint data, and network traffic to identify root causes of incidents.
• Document incidents and contribute to post‑incident reviews and improvements.
• Develop automation scripts using tools such as Python, Bash, or PowerShell to improve security operations efficiency.
• Automate alert triage, enrichment, and response workflows.
• Support integration of security testing and monitoring into CI/CD pipelines.
• Support vulnerability management processes including scanning, analysis, and remediation tracking.
• Assist infrastructure and development teams in implementing secure configurations and patching strategies.
• Identify opportunities to improve system hardening and security baselines.

What you will need:

• Substantial experience working in cybersecurity engineering or security operations environments.
• Hands‑on experience with security tools such as SIEM platforms, endpoint detection tools, vulnerability scanners, and identity management systems.
• Knowledge of operating systems security including Linux and Windows environments.
• Familiarity with cloud security concepts across major cloud providers.
• Experience of automating security processes.
• Extensive knowledge of modern cyber threats and attack techniques.

Professional Certifications may include:

• CompTIA Security+
• GIAC Security Essentials (GSEC)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Advanced Security Practitioner (CASP+)
• Microsoft Security, Compliance, and Identity certifications
• Cloud security certifications from providers such as Amazon Web Services or Microsoft

What you can expect from us:

We believe doing your best work starts with feeling supported both professionally and personally. That's why we offer a range of benefits designed to give you flexibility, security, and peace of mind:

• A generous 9% pension
• Healthcare cash plan
• Private Medical Insurance
• Life assurance at 4x your salary
• 24 days' holiday, and the option to buy or sell extra days
• Flexible and hybrid working to help you find the right balance
• Everyday savings through gym discounts, travel loans, and retail perks
• Enhanced family leave, including up to 6 months on full pay
• Ongoing wellbeing support, including access to CABA
• A paid day each year to volunteer for a cause that matters to you

It's all part of creating an environment where you can thrive, in work and beyond. For a full overview of our benefits package please see below.

We reserve the right to close this vacancy earlier than the advertised closing date should we receive enough suitable applications. We therefore encourage interested candidates to apply as soon as possible to avoid disappointment.