Head of Security Operations

Job Description

We’re recruiting a Head of Security Operations to support the Chief Information Security Officer in managing and reporting information security risks across Technology Services.

This role is critical in safeguarding the confidentiality, integrity and availability of AJ Bell’s systems and data. You’ll lead our Security Operations capability, ensuring we proactively detect, respond to and mitigate security threats, translating cyber risk into clear business impact for senior stakeholders.

You’ll lead a high-performing team responsible for proactive cyber defence and incident response, while fostering a strong security-first culture across the organisation.

About the Role

We are looking for someone to lead and evolve AJ Bell’s Security Operations function, ensuring robust capability to detect, investigate and respond to security incidents.

Oversee 24×7 operational security coverage in partnership with our managed service provider

Drive automation and AI-led efficiency improvements across security operations processes

Own and enhance AJ Bell’s incident response framework, including playbooks, testing and executive-level simulations

Develop and mature threat intelligence capabilities, delivering actionable insight to key stakeholders

Own end-to-end vulnerability management, including penetration testing and remediation tracking

Ensure effective operational management of supply chain security risk

Provide clear, data-driven MI and reporting on AJ Bell’s security posture

Partner with Security Engineering to define requirements where control gaps are identified

Manage security vendor relationships, including performance and commercial oversight

Lead, mentor and develop a team of security analysts, acting as an escalation point for complex incidents

Shape the future strategy and capability of the Security Operations function

Embed repeatable, measurable processes to support continuous improvement

About You

Deep expertise in information security risk management tools and techniques

Strong knowledge of industry frameworks such as ISO27001, NIST and relevant regulatory requirements (GDPR, FCA, PRA)

Extensive experience operating and optimising security technologies (SIEM, endpoint protection, email/web gateways, DLP etc.)

Strong understanding of cloud security and modern DevOps practices

Experience managing enterprise environments (Windows, Linux, Active Directory advantageous)

Knowledge of security investigations and forensic best practice (Microsoft Purview advantageous)

Proven leadership experience within a security operations or cyber defence function

Experience within financial services or e-commerce preferred

Strong executive-level communication skills, with experience contributing to Board-level reporting

Commercially aware, able to translate cyber risk into business risk

Strategic thinker with hands-on credibility

Self-motivated and comfortable operating in a fast-paced, evolving environment

About AJ Bell

AJ Bell is one of the UK’s fastest-growing investment platform businesses, supporting over 644,000 customers and managing more than £103.3 billion in assets.

Listed on the FTSE 250, we’ve been named one of the UK’s Best 100 Companies to Work For for six consecutive years and recognised as a Great Place to Work® in 2024 and 2025.

With offices in Manchester, London and Bristol, we’re proud of our strong culture, collaborative environment and commitment to helping people take control of their financial futures.

What We Offer

28 days’ holiday, increasing to 31 with length of service, plus buy/sell options

Pension matched up to 8% (increasing with service)

Discretionary bonus and annual free share awards

Private healthcare, health cash plan and free onsite gym

Enhanced family leave and ongoing professional development

For the full list of benefits and further details about the role, click apply or visit our careers page.