Cyber Security Operations Manager in London

On behalf of the Met Office, we are looking for a Cyber Security Operations Manager (Inside IR35) for a 6‑month contract based Hybrid in Exeter. The Cyber Security Operations Manager is a leadership role responsible for overseeing the Security Operations Centre (SOC) within the Cyber Security team. The role will design, implement and continuously improve the department’s Security Operations strategy, ensuring rapid detection, response and recovery from cyber threats and incidents. The role will lead a team of security professionals, embed security practices in line with best practice standards, and has management responsibility for 8+ team members.

Responsibilities

• Team Leadership & Development – Lead, manage and mentor a team of cyber security analysts to ensure the team operates effectively. Develop the team utilizing the career framework to identify learning needs and career pathways.
• Incident Management – Lead incident detection, triage, escalation and resolution processes; assessing impacts and directing appropriate measures to contain and mitigate threats, conduct post‑incident reviews and drive continual service improvement including exercising to test procedures.
• Security Monitoring – Be the escalation point for alerts; provide direction for improvements to monitoring systems for our environment covering specific technologies or threats. Direct the development and tuning of new and existing rules.
• Threat Intelligence – Stay up to date on the latest cyber threats and attack techniques, incorporating threat intelligence into security practices and cascading to relevant stakeholders.
• Reporting & Metrics – Define cyber security metrics and targets. Prepare and present regular reports on security incidents, and trends to management, translating technical metrics into business‑focused risk insights.
• Vendor & Stakeholder Management – Oversee service providers, manage Service Level Agreements (SLAs) and Key Performance Indicators (KPIs), serve as the principal interface with cross‑government departmental SOCs.
• Budget Management – Support the management of the department budget to ensure optimal allocation of resources to meet security objectives.

Essential Qualifications

• Team Leadership Experience – Demonstrated ability to lead and manage a team, including decision‑making, effective communication and service management skills.
• Incident Management – In‑depth knowledge of incident management processes, including the ability to assess the impact of critical security incidents and lead the response efforts, ensuring procedures are available and maintained.
• Security Monitoring – Proven experience delivering an effective security monitoring capability with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection.
• Threat Intelligence – Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering and analysing information to identify and mitigate cyber threats from both open‑source (OSINT) and commercial threat intelligence.
• Cyber Security Operations – Proven experience operating cyber security solutions and tools (e.g. Security Information and Event Management (SIEM)), maintaining security records and documentation in accordance with security operating procedures.
• Vendor & Stakeholder Management – Demonstrated experience in managing relationships with external vendors, managed security service providers (MSSPs) and technology partners, ensuring contractual obligations, Service Level Agreements (SLAs) and performance metrics are consistently met or exceeded.
• SC Clearance – Must be willing & eligible to undergo checks, and holding an active security clearance is preferred.

Desirable Qualifications

• CISSP, CISM or equivalent professional cybersecurity certification.
• Experience with Cloud Security (AWS, Azure).
• ITIL Foundation (or equivalent) service management qualification.

This role can only be worked within the UK.