Cyber Security Operations Lead
Incredible opportunity for someone who is looking to progress their career rapidly into senior cyber security management.
This role is with a large-scale multinational group organisation of over 60,000 staff operating within the Critical National Infrastructure domain. The business is in the process of a rapid expansion within its cyber and infosec capability and you'll be joining the team at a reasonably early stage in this process.
The role will ideally suit an individual with a technical background, who has worked in a SOC / Security Operations Centre in a reasonably senior capacity (e.g., a Senior SOC Analyst or SOC Lead / Manager).
Alternatively, it could also be a good fit if you have a strong understanding of Security Controls, Vulnerability Management and Incident Response.
While initially there is no requirement to manage a team, it is expected that for the right person you'll progress quickly into management, for which full support will be provided.
What you'll do:
Work closely with the Head of Security Operations and other internal stakeholders to:
- Ensure the IT security requirements for the Group infrastructure estate are correctly functioning and that IT security controls are in place and correctly managed.
- Work with outsourced security suppliers to help manage those security services that are not provided in-house (for example the SIEM, currently Splunk).
- Assist in the definition and implementation of a KPI framework that can be used to measure effectiveness of controls, and provide regular reporting on this.
- Support the running and provision of vulnerability assessments to the business and support mitigation projects, as necessary.
- Support the maturity and operations of the (outsourced) Security Operations Centre (SOC).
- Support the running of monitoring systems for intrusion detection and prevention.
- Occasionally act as the first line of incident response / escalation.
- Investigate suspected (and actual) security incidents in accordance with the security incident management standard, producing reports with recommendations and ensuring remedial action is taken.
- Auditing of identity and access control systems.
- Support the implementation of a zero-trust identity framework including Multifactor Authentication, Privileged Identity Management (PIM) and Conditional Access.
- Support the implementation of Endpoint Security Solutions across the Group.
- Work with operational teams to support incident response resolutions.
- Understand and drive vendor relationships for cyber security products or services that are in production.
- Support the IT Security elements of the Group's move towards cloud-based solutions.
Skills and experience desired (you do not need all of the following):
- A technical background in infrastructure or application support
- A strong understanding of technical security controls
- Experience managing security testing requirements
- Knowledge of some of the following areas of IT Security: Digital Cyber Security, Identity and Access Management, Authentication and Single Sign On; Audit; Secure Communications and Cryptographic Services; network protection, SIEM technologies, web proxies and Office365.
- Excellent written and verbal communication skills, with an ability to explain complex topics to a non-technical audience (at all levels of the organisation)
It's a great time to get involved with an ambitious, prosperous organisation with a great company culture. Great work-life balance and excellent career progression opportunity.
Flexible working allowed (work from home).
Paying up to £55,000 + corporate benefits.