IT Operations Manager

Requirements

• 5+ years in IT operations or systems administration, ideally in a regulated or security‑conscious environment (defence, fintech, healthtech, or similar)
• Strong working knowledge of identity and device management tooling (Google Workspace or M365, Okta or similar SSO, Jamf, Intune, Kandji, or comparable MDM)
• Hands‑on experience supporting ISO 27001/Cyber Essentials Plus certification and ongoing audit cycles, including evidence collection, control mapping, and working with auditors
• Practical understanding of endpoint security, patch management, vulnerability management, and SaaS security posture
• Comfortable owning BYOD policy in practice, not just on paper, balancing user experience against controls
• Experience standing up and maintaining onboarding and offboarding workflows that scale with rapid hiring
• Excellent communication skills, with the ability to translate security and compliance requirements into pragmatic guidance for non‑technical staff
• UK‑based and eligible for SC clearance (or already cleared)

What the job involves

• Own end‑to‑end IT operations for the company, including device procurement, provisioning, onboarding, offboarding, and lifecycle management
• Run the BYOD programme: policy, MDM enrolment, conditional access, separation of work and personal data, and clear escalation paths for lost or compromised devices
• Drive the cyber security posture of the corporate platform: identity, endpoints, SaaS, email, network, and access controls. Make sure patching and updates land on time, every time
• Act as the operational owner for ISO 27001 compliance, working with the security and leadership teams to maintain certification, prepare for surveillance audits, and close findings
• Manage SaaS vendor footprint: licensing, access reviews, vendor security assessments, and renewals
• Maintain accurate asset and software inventories, and keep the joiner/mover/leaver process tight
• Provide responsive internal support across the company, triaging issues and resolving them quickly without compromising security controls
• Contribute to incident response and business continuity planning, including tabletop exercises and recovery testing
• Stay current on threats relevant to the defence sector and evolve controls accordingly. Champion sensible security practice across the company without becoming the team that says no

#J-18808-Ljbffr