IT Operations and Security Lead

Social network you want to login/join with:

In summary, the Client is looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management.

You must have upwards of 10 years of hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector.

The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment.

While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi-layered networking, security, data management, and third-party platforms supporting global business operations and applications estate.

The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, lead transformational projects, and work effectively with internal stakeholders and third-party vendors to deliver high-quality Global IT services. Working in line with the Architecture-defined IT principle of a "buy before build" environment, the individual will ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the Strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving operational change, improving IT processes, and ensuring compliance with governance bodies and industry regulations.

Due to the complexity of the estate, ongoing transformation activities, and team size, the role requires the capability and proficiency to technically augment team capabilities when needed and possess detailed knowledge of technical IT support roles/services across multiple technical areas.

• Define and enforce cloud security policies, identity management, and access controls.
• Oversee the adoption of zero-trust security principles across cloud platforms.
• Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM).
• Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms.
• Ensure compliance with security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA).
• Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services.
• Oversee endpoint security, cloud network, and API security for robust protection.
• Define, manage, and maintain disaster recovery (DR) and business continuity plans (BCP) with biannual tests.

• Microsoft Azure Infrastructure design and administration, including topology, networking, services, and components.
• Microsoft Active Directory (Entra), Server, and SQL experience.
• O365 administration and design.
• Global software patching and estate management via Intune.
• Firewall management (Azure, CheckPoint, Cloudflare), DNS, VPN, Wi-Fi, and LAN design & administration.
• Software Defined Networking (Cisco, Meraki, Versa).

• Microsoft 365 & Azure: Managing Microsoft 365 services and Azure cloud infrastructure and security tools.
• Security & Compliance: Knowledge of security frameworks, compliance requirements, and risk management.
• Identity & Access Management: Expertise in Azure AD, MFA, Conditional Access, SSO, and PAM.
• Threat Management & Incident Response: Detecting, responding to, and mitigating cyber threats.
• Networking & Infrastructure Security: Firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls.
• IT Service Management & Automation: Implementing ITIL-based service management, automation, and service delivery optimization.

Operational & Leadership Skills:

• IT Operations & Service Continuity: Ensuring high availability and resilience, with focus on business continuity and disaster recovery.
• Vendor Management: Managing third-party vendors, MSPs, and SaaS providers.
• Project Leadership & Change Management: Leading technology projects and migrations with minimal disruption.
• Process Improvement & Automation: Identifying inefficiencies and automating workflows to enhance security.

Skills & Mindset:

• Problem-Solving & Decision-Making: Making informed decisions and resolving complex issues.
• Stakeholder Engagement: Communicating effectively with technical and non-technical stakeholders.
• Resilience & Adaptability: Working proactively in an evolving technology landscape.

The Client is a financial organisation based in the City of London.

This is a hybrid position with 3 days in the office.

Must have a Bachelor’s degree in IT or similar.

The salary range is £85K - £95K plus benefits.

Send your CV in Word format, including your salary expectations and notice period.