Operational Security Manager in City of London

Location

London

Contract Type

Permanent

Work Pattern

Full Time and minimum of 3 days in London

Position Overview

We are seeking an experienced and dynamic Operational Security Manager to oversee critical components of our cybersecurity program, including Vulnerability Management, Cyber Threat Intelligence (CTI), and Incident Management and Response. This role will be pivotal in ensuring the security and resilience of MS Amlin’s infrastructure and data. The Security Operations Manager will also be responsible for managing relationships and performance with a service integrator or Managed Service Provider (MSP) for outsourced Security Operations Center (SOC) and SIEM functions. This role will report to the Head of Operational Security and Programmes.

MS Amlin is part of a global top‑10 insurance group, MS&AD. We’re made up of four distinct businesses covering Global Reinsurance, Lloyds Franchise, Local Specialty Insurer, and Business Services. MS Amlin Business Services (MS ABS) supports the organisation through legal, HR, facilities management, IT, risk management, compliance, and finance. Our vision is to be a trusted partner and solution provider of choice.

Key Responsibilities

• Support the development, implementation, and management of security operations strategies for Vulnerability Management, CTI, and Incident Response.
• Ensure alignment of security operations with MS Amlin and customer goals, risk management priorities, and compliance requirements.
• Lead a team of cybersecurity professionals and foster a culture of collaboration, continuous improvement, and excellence.
• Oversee vulnerability scanning, assessment, prioritization, and remediation efforts in collaboration with IT and business teams.
• Work with the team to establish processes for tracking, reporting, and mitigating vulnerabilities to reduce the organization’s attack surface.
• Stay updated on emerging vulnerabilities and provide actionable guidance to stakeholders.
• Support and direct the integration of CTI insights into security operations to proactively address emerging threats.
• Ensure CTI analysts deliver actionable intelligence to support threat detection, incident response, and risk mitigation.
• Ensure CTI leverages external threat‑sharing networks and industry resources to enhance the MS Amlin intelligence capabilities.
• Lead the development and execution of an effective Incident Response program, including playbooks, processes, and reporting.
• Manage security incidents and local investigations, coordinating cross‑functional teams to resolve incidents efficiently and minimise impact.
• Support the process of post‑incident reviews to identify root causes, lessons learned, and areas for improvement.
• Act as the primary point of contact for the service integrator or MSP delivering SOC and SIEM services.
• Define and monitor key performance indicators (KPIs) and service level agreements (SLAs) to ensure effective performance and accountability.
• Collaborate with the MSP to optimise threat detection and response capabilities.
• Regularly review and evaluate service delivery, providing feedback and driving continuous improvement.
• Work closely with stakeholders across IT, risk management, and business units to ensure seamless integration of security operations into broader business objectives.
• Ensure information regarding security risks, incidents, and program performance are available for presentation to executive leadership and other key stakeholders.
• Work with the Cyber GRC function to ensure security operations align with regulatory requirements, industry standards, and best practices.
• Support the maintenance of documentation of processes, policies, and procedures required for audits and compliance initiatives.

Qualifications

• Experience in cybersecurity operations, with at least 3 years in a managerial or leadership role.
• Proven experience in managing outsourced SOC/SIEM services and working with MSPs.
• Strong background in Vulnerability Management, CTI, and Incident Management.
• Familiarity with cybersecurity frameworks and standards (e.g., NIST CSF, ISO 27001, MITRE ATT&CK).
• Knowledge of vulnerability scanning tools (e.g., Qualys, Nessus) and SIEM platforms (e.g., Splunk, QRadar, Sentinel).
• Understanding of threat intelligence processes and incident response methodologies.
• Strong leadership and team management skills with a focus on collaboration and professional development.
• Excellent communication skills, with the ability to convey technical concepts to non‑technical audiences and senior leadership.
• Strategic thinking with the ability to balance long‑term objectives with immediate operational needs.
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• Strategic leadership and decision‑making.
• Strong analytical and problem‑solving skills.
• Ability to manage complex, multi‑faced programs.
• Commitment to operational excellence and continuous improvement.

What Can You Expect From Us

• Competitive Base Salary
• Performance Related Discretionary Bonus
• Holiday: 28 days core annual leave, and you can buy up to 5 days
• Pension: A minimum 2% employee contribution plus 7% MS Amlin contribution (9%) up to a maximum of 5% employee contribution plus 13% MS Amlin contribution (18%)
• Private Medical: cover for yourself; family members/dependants can be added
• Flex Fund: £1,000 (pro‑rated based on start date) to spend on flexible benefits
• Life Assurance: 5 x annualised base salary

Equity, Diversity & Inclusion

Each one of us is unique because of our backgrounds, what we have learned so far and how we express that. Establishing an inclusive attitude helps us, organisationally, to ‘think outside the box’ because it calls on that diverse range of ideas, perspectives and lived experiences. We commit to continuing our work towards a more diverse and inclusive future by recognising that our business, our teams and every colleague has a part to play in driving the positive change we all want to see. Our values demonstrate our commitment to providing an environment in which each and every colleague is respected for who they are and what they can contribute to the business, regardless of nationality, race, ethnicity, religion/faith, sexual orientation, gender identity, gender expression, disability, socio‑economic background, sex or age.