IT Operational Platforms and Security Lead

The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver a high-quality Global IT services. Working in line with the Architecture defined IT principle of a “buy before build” environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the Strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations.

Due to the nature of the role, complexity of the estate, current transformation activities and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles/services as a requirement, across multiple technical areas.

The role requires the ability to “lead by example” and perform line management for direct reports and manage
service partners reporting into the function. Additional responsibilities are to respond to support requests by

• Lead the transitional journey from a hybrid IT environment to a fully cloud-based infrastructure, ensuring a secure, scalable, and efficient migration and removal of technical debt.
• Manage, enhance, and optimise the organisation’s use of Microsoft 365 and Azure cloud platforms, enabling the migration legacy solutions to native cloud services, ensuring high availability and performance.
• Oversee cloud-based SaaS, PaaS, and IaaS solutions, ensuring seamless integration with business applications. Develop and implement cloud-first operational best practices, leveraging automation, infrastructure as code (IaC), and DevOps methodologies where appropriate.
• Ensure effective monitoring, logging and alerting within cloud platforms to proactively identify and address issues and provide KPI Metric information for functional troubleshooting and reporting.
• Maintain, define, and own business continuity (BC) and disaster recovery (DR) plans, ensuring cloud- based solutions support resilience and rapid recovery.
• Manage Global Infrastructure (Cloud, On-prem and Virtual product) Solution Life Cycle Management and removal (via decommissioning and succession planning) of technical debt.
• Drive a document first culture to new and legacy platforms/solutions.
• Oversee management of the End User Compute estate via Intune
• Act upon and proactively manage all estate patch management requirements (on-prem, virtual, & physical) for software, hardware, and middleware.
• Identify, manage, maintain and migrate legacy solutions and applications based on their lifecycle management requirements.
• Provide forecasting and reporting of operational solutions and 3^rd party supplier performance.
• Manage and proactively track global license and services consumption versus contracted quotas and highlight to stakeholders issue and requirements prior to incidents.
• Conduct active internal team and 3^rd party daily resource management activities, ensuring tracking and reporting via AzureDevOps (ADO).

Security, Compliance & Risk Management

• Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data.
• Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms.
• Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM).
• Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms.
• Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA).
• Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services.
• Oversee endpoint security, cloud network and API security for robust protection across all assets
• Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests.

• Manage the Infrastructure and EUC change process, including identification, creation and management of internal and external partner change. Ensuring maximum uptime and minimal operational impact to the business.
• Engage and support IT audit activities, through management and collation of evidence for required audit action points. Impact Audit outcomes to define mitigations or remedies for audit points.

Cloud Strategy & Transformation

• Drive the cloud adoption roadmap and cloud services, ensuring the strategic move to cloud services aligns with business goals and operational requirements.
• Work closely with stakeholders to decommission legacy infrastructure while ensuring a seamless transition to cloud-based alternatives.
• Assess, recommend, and implement cloud-native technologies and services to optimise efficiency, scalability, and security.
• Advocate for the adoption of automation, AI-driven security, and modern IT operations tools to enhance cloud performance.
• Ensure enforcement, reporting, and management of vendor product lifecycles, for both legacy cloud assets and proposed cloud solutions.
• Provide support (technical and resource management) to the wider IT product teams.

Vendor & Supplier Management

• Manage relationships with cloud service providers, third-party vendors, and MSPs, ensuring optimal service delivery and value for investment.
• Negotiate cloud service agreements, monitor SLAs, and ensure vendor compliance with security and data protection policies.
• Monitor, forecast and efficiency manage vendor/solution spend against defined budget.
• Oversee third-party SaaS solutions, ensuring they align with the organisation’s cloud-first strategy and security requirements.
• Refine and develop external and internal proactive monitoring capabilities.
• Manage Internal to 3^rd Party Vendor change process

Stakeholder Engagement & Leadership

• Report and manage Infrastructure KPIs and metrics within agreed stakeholder tolerances.
• Assist and manage the refinement and creation of the yearly Infrastructure IT budget.
• Provide guidance to senior leadership on cloud strategy, cost management, and risk mitigation.
• Foster a culture of innovation, security, and operational excellence within the IT team.
• Work with compliance, legal, and risk teams to ensure cloud governance and regulatory adherence.
• Champion close collaboration and a one team mentality across the IT.

Technical Experience

• Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge,
• Microsoft AD (Entra), Server and SQL experience,
• O365 administration and design
• Global Software Patching and estate management via Intune
• Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience
• Software Defined Networking (Cisco, Meraki, Versa)

• API Management
• Datawarehouse (Azure Storage Accounts and DataLake concepts)
• Virtualisation (Azure Virtual Machines)
• On prem and cloud backup technology experience (Veeam or other)
• IT Business process documentation (HLD, LLD, Principles, Policies, Procedures)

• Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel.
• Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices.
• Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM).
• Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools.
• Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls.
• IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery.

Operational & Leadership Skills:

• IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery.
• Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness.
• Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption.
• Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls.

Soft Skills & Mindset:

• Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment.
• Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users.
• Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive

and security-first approach.