Cyber Security Operations Lead

Cyber Security Operations Lead

Haywards Heath, Home Office (Remote) or Manchester
up to £65,000 (DOE) plus excellent benefits package.
Technology and Data
Apply for this job

We’re First Central Insurance & Technology Group (First Central for short), an award-winning innovative insurance and technology organisation, delivering market-leading motor insurance, underwriting, distribution, finance, technology and legal services.

We currently have an exciting opportunity for a Cyber Security Operations Lead to join our Technology and Data team in either Salford Quays, Manchester, Haywards Heath, West Sussex, or you can be based remotely, within the UK, with occasional travel to our offices.

As the Cyber Security Operations Lead you will support the Cyber function in delivering the IT Support / Corporate Services business objectives and implementation of the Cyber strategy to meet business infrastructure and platform needs and growth targets.  This role will be responsible for the Security Operations Center Services and protective monitoring systems whilst overseeing all SOC Team members. This role will take overall responsibility for the cyber analysts, incident classification and incident response actions such as notifications and alerting, as well as monitoring security infrastructure, identifying and reporting real time attacks and vulnerabilities on the network. The role will also support the Cyber Security Manager in enhancing the cSOC solutions and services to support the delivery of the cyber security strategy. 

To be successful in this role, you’ll need:

  • Experience in managing a Hybrid Security Operations Center Services, with protective monitoring systems and experience of overseeing team members.
  • A strong understanding of managing incident classification and incident response, monitoring, reporting, and tracking of vulnerability remediation.
  • Experience in supporting the enhancement of the cSOC solutions and services to support the delivery of the cyber security strategy.

Job Responsibilities:

  • Support the Cyber Manager in defining strategic roadmaps for SOC security solution and services handling incoming incident response tickets through to completion.
  • Implement and maintain 1st line security incident / event management, escalation and technical response process and investigate suspected and actual incidents / events.
  • Acting as a key escalation point in the team to the relevant team/individual.
  • Design, implement, manage, monitor, and upgrade security measures for the protections of the information systems and networks.
  • Support out of hours upgrades/implementations and testing in conjunction with Business Change, Technology, and other stakeholders.
  • To participate in a 24/7 on-call rota to respond to security alerts and adhere to the requirements and responsibilities of the oncall policy. 
  • Work with relevant control owners/teams to understand and identify areas for improvement on the identification of and recovery from information security threats and incidents.
  • Support the planning, development, documentation, implementation and testing of the corporate cyber security controls and processes. .
  • Adhere to change management processes for all implementations.
  • Assist in software auditing ensuring compliance.
  • Provide support to all other departmental staff and ensure delivery of requested services
    Identify and feedback any potential improvements from a cyber perspective to IT systems and infrastructure.
  • Responsible for ensuring all system & procedural documentation is accurate, effective, and up to date.
  • Line management duties including coaching and development of Cyber Operations Analysts
    Comply with the requirements, and act in accordance with, the Group Code of Conduct and Fitness and Propriety policies at all times.
  • Ensure compliance with Company Policies, Values and guidelines and other relevant standards/ regulations at all times.
  • Any other reasonable duties.

Job Specific Competencies:

  • Strong understanding of at least 5 of the following 6 core technology areas (Sentinel, MCAS, Defender, Office365 Security, DLP) including their configuration (excess of 5 years’ experience).
  • Experience of end-to-end Penetration testing from scoping to remediation.
  • Excellent analytical & problem-solving skills, identifying root causes and offering innovative and cost optomised solutions.
  • Assist in the delivery of Cyber Security work-streams, assessing impact on IT service security to prioritise actions.
  • Strong time management and self-discipline skills.
  • Experience of compiling reports detailing activity and progress along with project plans to within accurate timescales.
  • Excellent stakeholder management skills for end users all the way up to C-Suite.

Skills & Qualifications

  • Certified Information Systems Security Professional (CISSP)  (Preferable)
    Web Application Security.
  • Experience in creating and maintaining BAU runbooks, use-case definitions, and operating procedures.
  • Expertise in the use of security frameworks such as Mitre ATT&CK, NIST or the ISF’s Standard of good practice.
  • Strong administration of Azure Cloud and Data Centers infrastructure.
  • Strong network and firewall knowledge.
  • Significant experience in using analysis tools and working with Azure
    SIEMs, SOCs and other vendors to produce reports and performance reports which inform priority and recommended actions to enhance.
  • 5 years’ experience in Cyber Security related duties.
  • Excellent communication and interpersonal skills.
  • Strong analytical and problem-solving skills.
  • Azure and cyber security accreditation preferable


  • Security by default approach to delivery.
  • Self-motivated and enthusiastic.
  • A quick thinker with a ‘can do’ attitude and an aptitude for creativity.
  • An organised and pro-active approach.
  • Demonstrates an ability to help others and is approachable.
  • Experienced in building relationships with internal and external stakeholders.
  • Takes initiative to make decisions.
  • A flexible approach and positive attitude.
  • Ability to work on own initiative and as part of a team.
  • Emphasis on attention to detail and accuracy.
  • Strives to drive business improvements to contribute to the success of the business.
  • Embrace, embed and incorporate the company values.

What can we do for you?

We believe we can offer you a great working environment as we’re so passionate about our people. Here are just some of the benefits and perks that we offer…

  • Fantastic training and development opportunities
  • Employee benefit packages to suit your lifestyle
  • Flexible working
  • YOUday – we give you an extra day off to celebrate a special day
  • The opportunity to take a paid day off each year to do charity work
  • A health cash plan
  • Help with travel expenses
  • The opportunity to buy additional holiday
  • Company pension scheme
  • Group life assurance
  • Enhanced maternity and paternity pay
  • Professional subscription fees paid

Employee wellbeing is high on the agenda here too. We provide discounted membership at a local health club and access to an Employee Assistance Programme, which promotes physical and emotional wellbeing at work and at home. In addition, we provide wellbeing events throughout the year to support physical and mental health.

For further information on what we can offer and to learn more about this role, feel free to contact our dedicated Talent team.

View more about our Benefits

Apply for this job


86% of people would recommend a friend to work at First Central

Based on 164 Glassdoor reviews (March 2022)


View all benefits >

Flexible working

We support colleagues who wish to work flexibly whilst meeting the needs of the business.


If it’s your birthday or you just fancy some me-time, get an extra day off for whatever you want.

Holiday Extra

We give you two opportunities each year to buy or sell up to five days of holiday.


Get a day off each year to take part in volunteering activities.

Health cash plan

Claim money back on your healthcare costs, such as dental check-ups and eye tests.

Season ticket loan

We provide interest-free loans to cover the cost of season tickets for rail, bus or car parking.