Virgin Atlantic logo

Manager, Cyber Security Operations

Virgin Atlantic
14 hours ago
Full-time
Hybrid (Crawley, England, United Kingdom)
United Kingdom
Security

Salary: Competitive

Hours: 37.5 hours, Mon – Friday

Location: Hybrid, 3 days per week at VHQ, Crawley (with travel as required)

Contract: Permanent

Closing Date: 25th July 2026

Start Date: 1st September 2026

In a nutshell

At Virgin Atlantic, we're on a mission to become the most loved travel company, and keeping our customers, colleagues and business safe is fundamental to that ambition.

We're looking for an experienced Manager, Cyber Security Operations to join our Information & Cyber Security team. This is a senior technical role where you'll lead the response to cyber threats, drive improvements across our security operations capability and play a key part in strengthening our cyber resilience.

You'll be at the centre of our security operations, leading complex investigations, developing advanced detection capabilities and mentoring a team of talented security professionals. Working across cloud platforms, infrastructure, applications, networks and identity services, you'll help ensure we're always one step ahead of an ever-evolving threat landscape.

If you're passionate about cyber security, thrive under pressure and enjoy solving complex technical challenges, we'd love to hear from you.

Day to day

No two days are ever the same in Cyber Security Operations. You'll combine hands-on technical expertise with leadership, helping protect one of the UK's most recognised brands.

You'll:

  • Lead the technical response to complex cyber security incidents, coordinating investigations from detection through to recovery.
  • Act as the Cyber Incident Lead during major incidents, providing technical direction and clear updates to senior stakeholders.
  • Investigate sophisticated threats across cloud environments, endpoints, networks, identity platforms and applications.
  • Develop and enhance detection rules, SIEM content, investigation playbooks and response procedures.
  • Improve monitoring capabilities across Microsoft Sentinel, Microsoft Defender and other security technologies.
  • Conduct proactive threat hunting using threat intelligence, behavioural analytics and attacker techniques.
  • Identify opportunities to automate investigation and response activities using PowerShell, Python, KQL, Logic Apps, SOAR or similar technologies.
  • Coach and mentor Cyber Security Operations Analysts, helping build technical capability across the team.
  • Work closely with technology teams, managed security partners and external specialists to continually improve our cyber resilience.
  • Translate technical findings into clear, risk-based recommendations that support better business decisions.
  • As part of our operational security function, you'll also participate in an on-call rota and support out-of-hours incident response when required.

About you

You're an experienced cyber security professional who enjoys investigating complex problems and leading technical teams through challenging situations.

You'll bring:

  • Significant experience in Cyber Security Operations, Incident Response or Security Engineering.
  • Strong hands-on experience leading security investigations through identification, containment, eradication and recovery.
  • Excellent knowledge of Windows, Linux, networking, cloud platforms, identity services and modern authentication technologies.
  • Experience using SIEM, EDR/XDR, cloud security and email security platforms, including technologies such as Microsoft Sentinel, Microsoft Defender, Azure or AWS.
  • Experience investigating identity-related attacks, including account compromise, MFA abuse, token theft and privileged access threats.
  • Strong understanding of attacker tactics, techniques and procedures, including MITRE ATT&CK.
  • Experience developing detection use cases, threat hunting methodologies and incident response playbooks.
  • Practical scripting or automation skills using PowerShell, Python, KQL, Logic Apps, SOAR or similar technologies.
  • Excellent analytical and communication skills, with the ability to explain complex technical issues to both technical and non-technical audiences.
  • Experience mentoring or leading other cyber security professionals.
  • Above all, you'll be curious, collaborative and committed to continually improving cyber security operations.

Be yourself. Our differences make us stronger.

Virgin Atlantic are committed equal opportunities employers and positively encourage applications from suitably qualified and eligible applicants regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, pregnancy and maternity. Diversity brings strength which is why we strive to provide an inclusive environment where individuality is celebrated, and we can ignite the potential of our forward-thinking mix of people.

Please be aware as part of our recruitment process we may look to use a variety of resourcing tools to help us understand your skills and experience in relation to the role you have applied for. These may include application questions, video interviews or online testing. Please feel free to contact us at [email protected] if there are any reasonable adjustments to our process that you would like us to consider, for example use of hearing loops, sign language interpreter etc. Please don’t hesitate to reach out if there are any issues preventing you from being at your best during your application or assessment process. Any issues raised after your assessment is completed or once a decision has been made will be too late for us to consider within our process.