Security Operations Director

New Today

JOB DESCRIPTION

The team you'll be working with:

Security Operations Director JD

We are currently recruiting for a dynamic Security Operations Director to join our growing Security Operations Centre business.

This vacancy is hybrid variable Birmingham or London

About Us

NTT DATA is one of the world’s largest Global Security services providers with over 7500 Security SMEs and Integration partner to many of the worlds most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.

This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.

What you'll be doing:

What you’ll be doing;

The Security Operations Director is responsible for overseeing security operations at both strategic and operational levels. The role ensures the effectiveness of security practices, manages incidents, drives operational maturity improvements, and oversees containment and recovery activities. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security operations activities, including incident response, operational maturity improvement, containment, and recovery efforts. The Director is responsible for aligning security initiatives with business objectives and ensuring the organisation’s resilience against evolving threats.

What to expect:

Using your background in SOC Service Delivery background and experience, you will:

  • Pre-Sales Support and Business Development
    Partner with sales and business development teams to define and articulate the value proposition of the security offerings, including SOC services, incident response, threat intelligence, vulnerability management, and compliance. Represent the security operations function in client engagements, pre-sales discussions, and technical assessments, positioning the organisation's capabilities to meet client needs. Design and present tailored solutions and service models based on customer-specific challenges, industry regulations, and threat landscapes. Collaborate with delivery teams to create accurate statements of work (SOWs) and ensure alignment between client requirements and achievable security operations deliverables. Influence product roadmaps by providing feedback from client conversations, ensuring services meet market demands and technological advancements.
  • Service Delivery Assurance
    Oversee the performance and quality of security services delivered to customers, ensuring compliance with agreed service-level agreements (SLAs) and adherence to key performance indicators (KPIs). Implement governance mechanisms to standardise service delivery processes, ensuring scalability and operational consistency. Drive the adoption of best practices, playbooks, and standardised methodologies to optimise efficiency and ensure repeatable, high-quality engagements across the MSSP space. Act as the primary escalation point for high-profile or complex client engagements, resolving concerns effectively to maintain satisfaction and long-term partnerships. Conduct regular client reviews to assess alignment with evolving business needs, strengthen relationships, and identify opportunities for service enhancements or upselling.
  • Budget and Financial Management
    Develop and manage the overall financial plan for the security operations function, including budgeting, cost control, and profitability analysis. Monitor operational expenses and identify opportunities for cost reduction through improved processes, technology adoption, and automation. Ensure the profitability of MSSP services through meticulous financial forecasting, revenue tracking, and margin analysis. Track the return on investment (ROI) of SOC tools, technologies, and team members, ensuring financial decisions support the organisation’s strategic goals. Collaborate with finance teams to refine MSSP pricing models, maintaining market competitiveness while ensuring profit margins meet or exceed targets. Lead efforts to reduce non-billable activities and maximise the utilisation of SOC personnel for billable client engagements.
  • Incident Response and Management
    Develop and implement incident response frameworks and playbooks in alignment with industry best practices (, NIST CSF, MITRE ATT&CK, ISO 27035) to standardise and optimise response efforts. Oversee the deployment, configuration, and utilisation of security tools such as SIEMs, IDS/IPS, endpoint protection systems, forensics tools, and threat intelligence feeds to enhance detection and response capabilities. Direct teams during high-severity incidents, ensuring coordination between SOC teams, internal business units, and external stakeholders to minimise business disruption. Act as the primary escalation point for operational challenges during incident response processes and ensure timely resolution of complex technical security incidents. Supervise the execution of routine security operations, including monitoring, vulnerability assessments, penetration testing, and remediation, ensuring compliance with organisational and regulatory security policies. Drive post-incident reviews to evaluate response effectiveness, extract insights, and implement lessons learned to improve future incident handling. Leverage insights from incidents and operational metrics to identify weaknesses in existing systems or processes and recommend long-term improvements.
  • Security Operations Maturity Improvement
    Assess the overall maturity of the Security Operations Center (SOC) against industry-accepted models (, SOC-CMM) and implement improvements. Drive automation and modernisation initiatives, such as deploying SOAR tools to improve response times and process efficiency. Define and monitor metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), ensuring continuous operational improvement. Strengthen SOC team capabilities through tailored training programs and coaching, promoting professional development.

    • Key Performance Indicators (KPIs)

  • Reduction in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
  • Success rate of incident containment efforts within predefined response windows.
  • Time to full system recovery after incidents, aligned with BC/DR objectives.
  • SOC maturity improvements against established benchmarks (, SOC-CMM).
  • Satisfaction levels of stakeholders during significant incidents and operational reviews.
  • Operation of the Security Operations in line with financial revenue, growth and profitability targets

    • What experience you'll bring:

    What you’ll be doing;

    It starts with amazing people, challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security service delivery management and have evidence of experience in a number of the following fields of expertise:

  • At least 10 years of experience in providing technical support and advice for a Security Operations Centre and 5 years in leadership role managing SOC’s and Security Operations.
  • Proven success in managing large-scale incident response, enhancing operational maturity, and aligning security strategies with organisational goals.
  • Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership.
  • Significant experience and ability to manage and lead in crisis situations, ensuring a swift and effective response.
  • Demonstrable experience in leading and coordinating diverse teams effectively.
  • Excellent English writing skills for technical documents and improving processes (such as policies and reports).
  • Outstanding English verbal communication skills with the ability to explain things in a clear and non-technical way.
  • Strong attention to detail and the ability to deliver high quality work and build high performing teams.
  • A relevant and recognised professional Security / Risk / Compliance certification supporting the role, such as CISSP, CISM, CCISO, GCIH, CRISC, etc.
  • A valid right to work in the UK.
  • Have held UK SC clearance or be eligible for obtaining UK SC clearance.

    • Who we are:

    We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.

    Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.

    For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA

    what we'll offer you:

    We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.

    You can find more information about NTT DATA UK & Ireland here: 

    We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.

    Back to search
    Email to a friend

    Apply now

    Apply
    Location:
    Birmingham
    Job Type:
    FullTime