Manager, Security Operations in Leeds

The Maples Group looks to add a Leeds based Security Operations Manager to our team and invites eager and qualified candidates to apply. We are committed to diversity, inclusion, and equality of opportunity as we attract, retain, and develop world‑class talent.

About the Role

The Security Operations Manager is responsible for the day‑to‑day operation and continual improvement of the Security Operations function, working in lock‑step with Regional Security Operations Managers (North America, Asia) in a follow‑the‑sun model. The Manager is responsible for the day‑to‑day operations of the SOC team including continuous monitoring and analysis of data, alerts and reports to ensure timely and proactive escalation of potential events/items of interest. The role will include access control, application and development security, risk management, operational security, incident response, business continuity, operational and physical security of systems, as well as ongoing user awareness training and reporting requirements. Reporting to the Senior Cyber Risk Manager, this role will also have the following direct reports: Security Manager – Cayman, Security Operations Analyst – Leeds and Security Manager – Hong Kong.

Primary Responsibilities

• Collaborate with peers to ensure the implementation and operational effectiveness of security programs is maintained.
• Take ownership of SOC maturity roadmap and drive an automation first security operations approach.
• Align SecOps processes to NIST CSF, ISO/IEC 27001/2, and relevant regulatory or assurance needs (e.g., SOC 2, PCI DSS where applicable).
• Ensure meaningful metrics are produced to measure the efficiency and effectiveness of the security programs and policies and to identify areas of improvement (MTTD/MTTR/MTTC/MTTRc, Alert‑to‑case conversion rate; false‑positive rate; automation coverage).
• Maintain quality of service by following organisational standards, ensuring SLA's are met at all times.
• Lead, coach, and develop SOC staff through regular 1:1s, performance reviews, and development plans.
• Manage shift coverage, on‑call rotations, and workload balancing in a global, follow the sun environment.
• Lead and participate in continuous active threat hunting across the environment, combining reactive alert handling with proactive identification of trends, anomalies, and emerging threats, working with peers to resolve any potential threats in a timely manner.
• Provide recommendations for security improvements by assessing current situations, evaluating trends and anticipating requirements.
• Coordinate vulnerability remediation activities with Infrastructure, Cloud, and Application teams, tracking outcomes through data driven dashboards.
• Support audits and control testing; maintain evidence repositories; close findings with measurable improvements.
• Participate in security assessments of desktops, servers, networks, firewalls, data encryption, data loss prevention and other security measures.
• Actively contribute to tuning efforts for security systems, working with colleagues to ensure optimisation of tools used, including automating where possible.
• Identify repetitive analyst tasks and assist with converting them into automated workflows with SOAR, scripting, or existing platform capabilities.
• Contribute to team effort by supporting peers and accomplishing related results as needed.
• Recognise problems by identifying abnormalities and reporting security violations.
• Maintain knowledge by attending training courses, educational workshops, webinars and reviewing publications.
• Ensure that regular knowledge transfers take place, full documentation of processes is maintained and tasks are regularly rotated to maintain excellent service levels during periods of team absence.
• Work closely with other InfoSec teams to optimise efforts across the department and ensure no duplication of effort.

Experience What You Bring

• 7+ years in Security Operations/SOC or Incident Response, with minimum of 5+ years leading technical teams in 24×7 or global environment.
• Proven experience across incident response, alert triage, threat hunting, data loss prevention, and operational risk analysis.
• Experience acting as incident lead or commander during high‑severity security events.
• Ability to work on own initiative with minimal to no supervision and adapt to changing environments with ease.
• Proven ability to self‑manage, while leading, managing, developing, and motivating teams in high‑pressure environments; consistently producing high standards of work on schedule in a pressured environment and whilst dealing with competing priorities.
• Demonstrable expertise with at least one major SIEM and EDR platform, additional hands‑on KQL/SPL, PowerShell/Python experience preferred.
• Strong understanding of ITSM workflows, implementing operational processes, and service delivery.
• Practical experience coordinating vulnerability remediation with Infra/Cloud/App teams and tracking outcomes with data‑driven dashboards.
• Solid knowledge of network systems, security protocols, security software and enterprise security architectures.
• Knowledge of best practices in developing security procedures and infrastructure.
• Strong analytical and problem‑solving skills.
• Excellent written, verbal, and presentation skills, with the ability to communicate complex security issues in clear business terms.
• Certifications such as SC-200, AZ-500, GCIA/GCIH/GCDA or CISSP/CISM preferred, or equivalent hands‑on experience.

Benefits & Rewards

The most enduring professional relationships are reciprocal relationships. The Maples Group prioritises employee health and wellbeing. Depending on your location, we offer a range of benefits, including:

• Comprehensive health coverage (medical, dental, and optical).
• Competitive vacation packages.
• Educational assistance and professional development programmes.
• Savings or pension plan.
• Life insurance.
• Travel insurance.
• Global mental wellness programme.
• Sports clubs and social events.

Background Check Policy

Maples’ standard policy to undertake various background screening checks, including criminal records checks, on all applicants to whom a conditional job offer is made. Maples will only ask applicants to disclose a past criminal conviction when a conditional job offer is made. If you have a criminal record, it does not mean that your job offer will be automatically withdrawn. Maples will make all job offer decisions on a case‑by‑case basis and will take a number of factors into account, such as the role that you are applying for and the nature and circumstances of the past offence. You will have the opportunity to discuss the matter with Maples before a decision is made.

Privacy Statement Disclaimer: All personal information collected during the application process will be used for recruitment‑related purposes only. Please refer to our Job Applicant Privacy Notice at maples.com/privacy for details on how we handle personal information relating to job applicants.