Cyber Security Operations Manager

Exeter, South West England, EX1 3PB

Job Summary

We’re looking for an exceptional Cyber Security Operations Manager to help us make a difference to our planet.

Job Description

As our Cyber Security Operations Manager, the job may be suitable for hybrid working, which is where an employee works part of the week in the office and part of the week from home.This is a voluntary, non-contractual arrangement and the location advertised will be your contractual place of work.

Our opportunity is full time, 37 hours per week.Our people are at the heart of what we do and we'll do our best toagreea working pattern that works for everyone.

World changing work

From science to technology, from meteorology to management, and from planning to communication, our expertise helps us stand out as the authority on weather accuracy and climate prediction. We help individuals, industries and government to make better decisions to stay safe and thrive. This is the Met Office. This is who we are.

• We’re aforcefor good - focusing on our environmental and social impact
• We’re experts by nature - always learning and developing to do things better
• We live and breathe it - putting our purpose at the heart ofdecision-making
• We’re bettertogether-understandingpartnerships and inclusivity make us greater
• We keep evolving - pushing boundaries to make tomorrow better for our customers
  
  

Your world of expertise

As the Cyber Security Operations Manager within the Security Operations team of the Met Office’s Cyber Security Department, will design, implement and continuously improve the department’s Security Operations strategy, ensuring rapid detection, response and recovery from cyber threats and incidents.

The role will lead a team of security professionals and embed security practices in line with best practice standards.

You will be front and centre for the protection, detection, and response capabilities of the Met Office.

Your Key Duties:

• Team Leadership and Development: Lead, manage and mentor a team of cyber security analysts to ensure the team operate effectively. Develop the team utilising the career framework to identify learning needs and career pathways.
• Incident Management: Lead incident detection, triage, escalation and resolution processes; assessing impacts and directing appropriate measures to contain and mitigate threats, conduct post‑incident reviews and drive continual service improvement including exercising to test procedures.
• Security Monitoring: Be the escalation point for alerts. Provide direction for improvements to monitoring systems for our environment covering specific technologies or threats. Direct the development and tuning of new and existing rules.
• Threat Intelligence: Stay up to date on the latest cyber threats and attack techniques, incorporating threat intelligence into security practices, cascading to relevant stakeholders.
• Reporting and Metrics: Define cyber security metrics and targets. Prepare and present regular reports on security incidents, and trends to management, translating technical metrics into business focused risk insights.
  
  

The Met Office Security Profession has adopted the Government Security Profession as its over-arching professional framework. You will need to evidence the relevant skills and competencies applicable to a Monitoring Principle as defined by the Government Security Profession.

We operate an on-call roster in Technology to provide 24/7/365 support to respond to operational service requirements. This post may be part of an on-call roster and the postholder would be required to participate in an on-call roster where in operation.

As our Cyber Security Operations Manager, the job may be suitable for hybrid working, which is where an employee works part of the week in the office and part of the week from home.This is a voluntary, non-contractual arrangement and the location advertised will be your contractual place of work.

Our opportunity is full time, 37 hours per week.Our people are at the heart of what we do and we'll do our best toagreea working pattern that works for everyone.

World changing work

From science to technology, from meteorology to management, and from planning to communication, our expertise helps us stand out as the authority on weather accuracy and climate prediction. We help individuals, industries and government to make better decisions to stay safe and thrive. This is the Met Office. This is who we are.

• We’re aforcefor good - focusing on our environmental and social impact
• We’re experts by nature - always learning and developing to do things better
• We live and breathe it - putting our purpose at the heart ofdecision-making
• We’re bettertogether-understandingpartnerships and inclusivity make us greater
• We keep evolving - pushing boundaries to make tomorrow better for our customers
  
  

Your world of expertise

As the Cyber Security Operations Manager within the Security Operations team of the Met Office’s Cyber Security Department, will design, implement and continuously improve the department’s Security Operations strategy, ensuring rapid detection, response and recovery from cyber threats and incidents.

The role will lead a team of security professionals and embed security practices in line with best practice standards.

You will be front and centre for the protection, detection, and response capabilities of the Met Office.

Your Key Duties:

• Team Leadership and Development: Lead, manage and mentor a team of cyber security analysts to ensure the team operate effectively. Develop the team utilising the career framework to identify learning needs and career pathways.
• Incident Management: Lead incident detection, triage, escalation and resolution processes; assessing impacts and directing appropriate measures to contain and mitigate threats, conduct post‑incident reviews and drive continual service improvement including exercising to test procedures.
• Security Monitoring: Be the escalation point for alerts. Provide direction for improvements to monitoring systems for our environment covering specific technologies or threats. Direct the development and tuning of new and existing rules.
• Threat Intelligence: Stay up to date on the latest cyber threats and attack techniques, incorporating threat intelligence into security practices, cascading to relevant stakeholders.
• Reporting and Metrics: Define cyber security metrics and targets. Prepare and present regular reports on security incidents, and trends to management, translating technical metrics into business focused risk insights.
  
  

The Met Office Security Profession has adopted the Government Security Profession as its over-arching professional framework. You will need to evidence the relevant skills and competencies applicable to a Monitoring Principle as defined by the Government Security Profession.

We operate an on-call roster in Technology to provide 24/7/365 support to respond to operational service requirements. This post may be part of an on-call roster and the postholder would be required to participate in an on-call roster where in operation.

Person specification

• We live and breathe it - Demonstrated ability to lead and manage a team with integrity and genuine passion for our purpose, fostering an inclusive, collaborative culture, and continuously developing team skills and expertise through learning and knowledge‐sharing.
• We keep evolving - In‐depth knowledge of incident management processes to lead incident detection, triage, escalation and resolution, assessing impacts and directing appropriate measures to contain and mitigate threats, conduct post incident reviews and drive continual service improvement including exercising to test procedures with the collaborative mindset to drive cross‐team and external support for swift, sustainable response.
• We’re experts by nature - Proven experience delivering an effective, continuously improving security monitoring capability, proactively hunting threats and refining detection rules to reflect evolving risks, leveraging deep technical expertise and curiosity, and ensuring that monitoring activities contribute responsibly to organisational resilience with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection.
• We’re a force for good - Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering and analysing information to identify and mitigate cyber threats from both open-source (OSINT) and commercial threat intelligence.
• We’re experts by nature - Proven experience operating and optimising cybersecurity tools (e.g. SIEM), maintaining accurate security records and documentation in accordance with robust operating procedures, continually seeking innovative automation and process improvements, and sharing learnings to raise the overall expertise of the organisation (cyber security operations).
• We’re better together - Demonstrated experience managing relationships with external vendors, MSSPs and technology partners setting and enforcing SLAs and performance metrics with transparency and fairness, collaborating to solve challenges and share successes, and holding partners to high standards.
  
  

Alongside your salary of £52,799, Met Office contributes £15,295 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Our work is life-changing, often life-saving and always life-enhancing.The Met Office is Great Place to Work UK certified. We are also featured on their ‘Best Workplaces in Tech’ 2023 and 2024 lists, as well as their ’54 Best Workplaces for Women’ 2023 list.

As our Job Title, your total reward package will be up to £82,518 annually, which includes:

• £52,799 base pay
• An outstanding Civil Service pension, with an average employer contribution of 28.97%
• Recruitment Retention Allowance (RRA) you will be paid £9,000 per annum as a market supplement to reflect the demand for your skills. Whilst in post, you will be paid this marketdrivenallowance from April 2024 until March 2026 in your monthly pay
• Annual Leave starting at 27.5 days (plus Bank Holidays) rising to 32.5 days (plus Bank Holidays) after 5 years and option to buy or sell up to 5 days per year of annual leave
  
  

Selection process details

If you share our values, we’d love to hear from you! Click apply to begin your application. Please complete your career history and provide evidence against each of the essential criteria in the supporting statement questionnaire. We recommend candidates use the CARL method (Context, Action, Result and Learning) for presenting evidence of experience and skills.

Closing date 29/06/2025 at 23:59 with first stage interviews commencing from W/C Monday 14th July. You will hear from us once the closing date has passed.

Using AI in your application

We welcome applications that use AI tools for support in drafting or refining, as long as they accurately reflect your own skills and experience. All hiring decisions at the Met Office are made by people, not AI. For more details, visit our approach to recruitment.

How We Can Help

If you have any questions or would like to discuss this opportunity further, please contact us at careers@metoffice.gov.uk.

If you’re considering applying and need support to do so, please get in touch. You can request adjustments either within your application or by contacting us.Should you be offered an interview, please be aware there may be a selection exercise which could include a presentation, written test or a scenario-based activity. You can select in your application to be considered under the DisabilityConfidentScheme. To be invited to interview/assessment under this scheme, your application must meet the essential criteria for the role.

Weunderstand that great minds don’t always think alike and as an equal opportunities employer we welcome applications from those with all protected characteristics. We recruit on merit, fairness, and open competition in line with the Civil Service Code.

We can only accept applications from those eligible to live and work in the UK - please refer to GOV.UK for information.We require Security clearance, for which you need to have resided in the UK for at least 3 of the last 5 years to be eligible. You will need to achieve full security clearance within your first 6 months with us.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Medical

Successful candidates will be expected to have a medical.

Nationality requirements

This Job Is Broadly Open To The Following Groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
  
  

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job Contact :

• Name : Resourcing Team
• Email : careers@metoffice.gov.uk
  
  

Recruitment team

• Email : careers@metoffice.gov.uk