Manager, Security Operations

The Maples Group is a standard bearer in financial and legal services, trusted by many of the world’s largest hedge fund managers, private equity firms and international corporations. Our distinction flows from our carefully curated team: 2,500+ professionals characterised by tenacity, ethics, and exacting excellence. Operating in key financial centres across the Americas, Asia, Europe and the Middle East, our international presence offers a unique springboard for career development and cross‑cultural immersion. Our side‑by‑side financial and legal services are similarly ripe for interdisciplinary learning and growth.

The Security Operations Manager is responsible for the day‑to‑day operation and continual improvement of the Security Operations function, working in lock‑step with Regional Security Operations Managers (North America, Asia) in a follow‑the‑sun model. The Manager is responsible for the day to operations of the SOC team including continuous monitoring and analysis of data, alerts and reports to ensure timely and proactive escalation of potential events/items of interest. The role will include access control, application and development security, risk management, operational security, incident response, business continuity, operational and physical security of systems, as well as ongoing user awareness training and reporting requirements.

Primary responsibilities include:

• Collaborate with peers to ensure the implementation and operational effectiveness of security programs is maintained.
• Take ownership of SOC maturity roadmap and drive an automation first security operations approach.
• Align SecOps processes to NIST CSF, ISO/IEC 27001/2, and relevant regulatory or assurance needs (e.g., SOC 2, PCI DSS where applicable).
• Ensure meaningful metrics are produced to measure the efficiency and effectiveness of the security programs and policies and to identify areas of improvement (MTTD/MTTR/MTTC/MTTRc, Alert‑to‑case conversion rate; false‑positive rate; automation coverage).
• Maintain quality of service by following organisational standards, ensuring SLA's are met at all times.
• Lead, coach, and develop SOC staff through regular 1:1s, performance reviews, and development plans.
• Manage shift coverage, on call rotations, and workload balancing in a global, follow the sun environment.
• Lead and participate in continuous active threat hunting across the environment, combining reactive alert handling with proactive identification of trends, anomalies, and emerging threats, working with peers to resolve any potential threats in a timely manner.
• Provide recommendations for security improvements by assessing current situations, evaluating trends and anticipating requirements.
• Coordinate vulnerability remediation activities with Infrastructure, Cloud, and Application teams, tracking outcomes through data driven dashboards.
• Support audits and control testing; maintain evidence repositories; close findings with measurable improvements.
• Participate in security assessments of desktops, servers, networks, firewalls, data encryption, data loss prevention and other security measures.
• Actively contribute to tuning efforts for security systems, working with colleagues to ensure optimisation of tools used, including automating where possible.
• Identify repetitive analyst tasks and assist with converting them into automated workflows with SOAR, scripting, or existing platform capabilities.
• Contribute to team effort by supporting peers and accomplishing related results as needed.
• Recognise problems by identifying abnormalities and reporting security violations.
• Maintain knowledge by attending training courses, educational workshops, webinars and reviewing publications.
• Ensure that regular knowledge transfers take place, full documentation of processes is maintained and tasks are regularly rotated to maintain excellent service levels during periods of team absence.
• Work closely with other InfoSec teams to optimise efforts across the department and ensure no duplication of effort.

What You Bring:

• 7+ years in Security Operations/SOC or Incident Response, with minimum of 5+ years leading technical teams in 24×7 or global environment.
• Proven experience across incident response, alert triage, threat hunting, data loss prevention, and operational risk analysis.
• Experience acting as incident lead or commander during high‑severity security events.
• Ability to work on own initiative with minimal to no supervision and adapt to changing environments with ease.
• Proven ability to self‑manage, while leading, managing, developing, and motivating teams in high‑pressure environments; consistently producing high standards of work on schedule in a pressured environment and while dealing with competing priorities.
• Demonstrable expertise with at least one major SIEM and EDR platform, additional hands‑on KQL/SPL, PowerShell/Python experience preferred.
• Strong understanding of ITSM workflows, implementing operational processes, and service delivery.
• Practical experience coordinating vulnerability remediation with Infra/Cloud/App teams and tracking outcomes with data‑driven dashboards.
• Solid knowledge of network systems, security protocols, security software and enterprise security architectures.
• Knowledge of best practices in developing security procedures and infrastructure.
• Strong analytical and problem‑solving skills.
• Excellent written, verbal, and presentation skills, with the ability to communicate complex security issues in clear business terms.
• Certifications such as SC-200, AZ‑500, GCIA/GCIH/GCDA or CISSP/CISM preferred, or equivalent hands‑on experience.