Cyber Security Operations Manager at Primark, Reading/Remote, 6 Months, £Day Rate

Cyber Security Operations Manager

Duration: 6 Month contract

Contract Type: Inside IR35 Day Rate

Location: Reading (Hybrid working – 2-3 days per week)

We’re looking for a Cyber Security Operations Manager to join us on an initial 6 month contract, who will be responsible for overseeing day to day Security Operations Centre (SOC) capabilities, including detection, threat and vulnerability management, and incident response. The role provides senior operational oversight, acts as a key point of contact for outsourced detection and response services, and ensures security operations processes are effective, mature, and continuously improving.

You’ll work hybrid from our Reading office (2 to 3 days per week).

Key Responsibilities

Security Operations & Incident Management

• Manage the execution of Security Operations Centre (SOC) capabilities, ensuring the efficient and effective operation of detection, threat management, vulnerability management, and incident response activities.

• Support the team in ensuring the security operations toolset is deployed across the estate.

• Daily checks and trend analysis of SOC alerts

• Act as a key contact for the outsourced detection and response provider, managing operational stakeholders.

• Oversee the triage of security events from a wide range of sources, including employee reports, security systems and threat intelligence feeds.

• Manage analysis and coordinated response to detected events, ensuring appropriate containment, investigation, escalation, and communication in line with defined severity and impact thresholds.

Threat & Vulnerability Management (TVM) Oversight

• Provide operational oversight of Threat and Vulnerability Management activities, ensuring vulnerabilities are identified, prioritised, tracked, and remediated in line with risk based approaches.

• Ensure effective coordination between Security Operations, Technology, and third party teams to support timely remediation of identified vulnerabilities.

• Oversee vulnerability risk acceptance, exception handling, and escalation processes where remediation timelines cannot be met.

• Monitor vulnerability trends, exposure levels, and remediation performance, ensuring risks are understood and communicated to relevant stakeholders.

• Support continuous improvement of TVM processes, including integration with detection, incident response, and reporting capabilities.

Runbooks, Automation & Capability Improvement

• Ensure detection, protection, response, recovery, and TVM runbooks are maintained, up to date, and consistently followed across Security Operations.

• Drive optimisation and automation of SOC and TVM processes where feasible, improving efficiency and reducing manual effort through effective use of security technologies.

• Identify and implement lessons learned from incidents, vulnerability trends, and testing activities to strengthen overall security posture.

Service Integration & Operational Readiness

• Ensure the effective integration, onboarding, and operational handover of new security services and technologies into SOC monitoring, detection, and vulnerability management capabilities.

• Support operational readiness for new services, including documentation, runbooks, escalation paths, and operational acceptance.

Reporting & Stakeholder Management

• Provide clear operational reporting, summaries, and metrics covering incidents, detection effectiveness, and vulnerability risk posture to key stakeholders.

• Communicate effectively with technical teams, third party providers, and senior stakeholders during security incidents and operational reviews.

Required Experience & Skills

• Proven experience managing Security Operations and/or SOC functions in a complex enterprise environment.

• Strong understanding of detection and response operations, incident management, and Threat & Vulnerability Management practices.

• Experience managing or working closely with outsourced SOC or managed detection and response providers.

• Ability to operate confidently during security incidents and communicate clearly under pressure.

• Excellent stakeholder management and written/verbal communication skills.

Please note, to be considered for this role we can only accept candidates who are happy to work through an umbrella company, this is non-negotiable.

If the above is of interest to you then please apply and we can discuss the next steps in detail.