Security Operations Centre (SOC) Manager

Are you ready to lead the evolution of cyber defence at one of the UK's leading Universities?  

Your leadership will be instrumental as Man Met embarks on a major security and risk transformation programme—building a resilient, agile, and forward-looking security capability that supports innovation across the University.

Manchester Metropolitan University is seeking an experienced and motivated Security Operations Centre (SOC) Manager to lead and develop our Cyber Security Operations function. In this pivotal role, you'll guide a talented team to detect, investigate, and respond to threats across a diverse and complex digital estate.  

You'll shape the direction of our security operations, optimise the use of key platforms, develop our threat management approach, and drive improvements in our incident response and vulnerability management capabilities. You'll also take the lead in developing meaningful KPIs and performance metrics to monitor operational effectiveness, inform strategic decisions, and support continual service improvement.  

If you're passionate about making a difference, influencing strategic direction, and developing people and processes in a high-impact role, please read on!  

About the Role 

We're looking for a Security Operations Centre (SOC) Manager to lead and evolve our Cyber Security Operations capability at Manchester Metropolitan University. This is a key leadership role at the forefront of our efforts to protect the University's systems, data, and people from cyber threats.  

As SOC Manager, you'll be responsible for overseeing day-to-day security operations—managing a skilled team of analysts and specialists, ensuring the effective use of security tools and platforms, and driving continual improvements in detection, response, and threat management. You'll play a crucial role in shaping operational strategy, maturing incident response processes, and embedding a measurable, proactive approach to cyber defence.  

This is a highly collaborative role, requiring strong technical knowledge, excellent leadership skills, and the ability to communicate effectively across technical and non-technical audiences. You'll work closely with colleagues across Information Security, IT and wider university services to enhance our security posture and support the delivery of a major security and risk transformation programme, including a major refresh of SOC tooling and capability.   

It's a unique opportunity to lead a growing team within a supportive and forward-thinking environment, where your work will make a measurable impact and help shape the future of cyber resilience in higher education.  

Key Responsibilities  

• Lead the day-to-day operations of the University's Security Operations Centre (SOC), managing a team of analysts, engineers and external partners to ensure effective monitoring, detection, and response to cyber threats. 
• Provide line management and leadership to the SOC team, including performance management, mentoring, and professional development, while fostering a collaborative and high-performing culture aligned with the University's strategic objectives. 
• Act as the primary incident manager during major security events, driving the cyber incident response process and ensuring swift, coordinated action. 
• Develop and maintain key SOC processes, including standard operating procedures, escalation paths, and workflows. 
• Define and report on KPIs, SLAs, and performance metrics to measure operational effectiveness and support strategic decision-making. 
• Oversee threat management, SIEM optimisation, and vulnerability management activities, ensuring tools and workflows are continually tuned for impact. 
• Serve as the main point of contact for outsourced SOC services and contribute to our wider sourcing strategy. 
• Collaborate closely with the Deputy CISO and security leadership to shape strategic direction, enhance service integration, and foster a culture of continuous improvement.  

Key Skills & Experiences  

• Proven leadership in cyber security operations, with experience managing a Security Operations Centre (SOC) or equivalent function, including oversight of both internal analysts and external partners. 
• Track record of developing and implementing SOC processes, including playbooks, escalation protocols, and standard operating procedures to ensure efficient, consistent operations. 
• Experience in designing and reporting on KPIs, SLAs, and performance metrics to monitor SOC performance, drive continual improvement, and provide visibility to senior leadership. 
• Expertise in incident management, acting as a senior point of escalation and coordination during cyber incidents, ensuring effective response and stakeholder communication. 
• Experience leading and developing high-performing teams, fostering a collaborative, inclusive culture aligned to organisational goals. 
• Strong technical background in threat detection, SOC optimisation, and vulnerability management, with hands-on experience using industry-standard tools and platforms. 
• Capability to manage outsourced SOC services, aligning partner activities with internal goals, setting performance expectations, and maintaining quality service delivery. 
• Strategic thinking and planning ability, including the development of technical roadmaps, risk mitigation strategies, and resource alignment for both BAU and project work. 
• Strong stakeholder engagement skills, with the ability to explain complex security issues to non-technical audiences and build trusted relationships across teams. 
• Agile, collaborative leadership style, focused on mentoring team members, encouraging professional growth, and cultivating a culture of proactive security. 
• Commitment to continuous improvement and industry engagement, staying current with evolving threats, technologies, and best practices. 

 Highly Desirable Certifications 

• Industry-recognised certifications such as CISSP, CISM, GIAC (e.g., GCIH, GCIA), or CompTIA Security+ / CySA+. 
• Relevant technical certifications such as Cisco CCNP Security, Microsoft SC-200, or SANS Blue Team certifications. 
• Framework-related qualifications (e.g. ISO 27001 Lead Implementer/Auditor, NIST CSF, or TOGAF) demonstrating capability in structured security operations and strategic alignment. 

 To learn more about this exciting opportunity and benefits we offer, please read the JD and Candidate Pack. 

About the Team 

Our Cyber Security Operations team plays a vital role in safeguarding the University's digital environment. We protect a diverse community of students and staff and systems by monitoring, detecting, and responding to cyber threats across a complex and evolving technology landscape. Part of the wider Information Security function, the team includes multi-skilled Security Analysts and Engineers who work together with professionals across the wider IT& Digital department to provide a coordinated and effective cyber defence capability. We operate a range of essential tools and services—including a SOC function, vulnerability and threat management, incident response and security testing capabilities.  

We align our work with recognised frameworks such as the NCSC Cyber Assessment Framework (CAF), NIST CSF, and CIS Controls, ensuring we keep pace with industry best practice while tailoring our approach to the unique challenges of the higher education sector. 

As part of the team, you'll contribute to a supportive and collaborative environment where ideas are valued, development is encouraged, and your work has a clear and lasting impact. Looking ahead, the Cyber Security Operations team will play a central role in delivering a major security and risk transformation programme—an exciting opportunity to shape the future of cyber resilience at Manchester Met.  

About the Directorate & Department

As IT&D, we help to create the University of the future by co-designing new ways of working, enhancing productivity, reducing complexity, supporting innovation, and providing the insights to drive continual improvement. Embracing a digital future in an evolving modern university, you will be working in partnership with our academic and Professional Services colleagues to deliver digital services that help the University achieve its strategic objectives in teaching and research, nationally & globally.  

Our Information Security department is responsible for developing, operating, and continuously improving information security across the University, ensuring the availability, confidentiality, and integrity of its information. We define information security policies and procedures, advise on secure IT arrangements, provide training and practical advice that the University can use to meet business requirements while maintaining security. We are responsible for information security risk management and compliance, and the monitoring of IT systems to prevent, detect, and respond to attacks.  

Application & Assessment Process

• To apply, please submit a CV and covering letter detailing your suitability, on the application portal. For informal enquiries, about this vacancy, please contact Ian Scott on i.scott@mmu.ac.uk 
• Assessment process will include a competency test followed by an interview, scheduled for the w/c 23 June.

If you would like to join our people and share our ambition, we would love to hear from you! 

Manchester Metropolitan University fosters an inclusive culture of belonging that promotes equity and celebrates diversity. We value a diverse workforce for the innovation and diversity of thought it brings and welcome applications from local and international communities, particularly those from Black, Asian, and Minority Ethnic backgrounds, disabled people, and LGBTQ+ individuals. 

We support a range of flexible working arrangements, including hybrid and tailored schedules, which can be discussed with your line manager. If you require reasonable adjustments during the recruitment process or in your role, please let us know so we can provide appropriate support. Our commitment to inclusivity includes mentoring programmes, accessibility resources and professional development opportunities to empower and support underrepresented groups. 

Recruitment Agencies: The University has engaged an approved list of recruitment agencies to support the recruitment of its vacancies from time to time. The University does not accept speculative applications from recruitment agencies outside of this list.