Global Head of Incident Response, Threat Intelligence & Cyber Security Strategy - City of London

£140,000 - IT/Information/Cyber Security
Ref: 61 Date Posted: Wednesday 14 Aug 2019
Functional overview  
In this role, you will support innovation as an enabler of business and revenue growth, and establish a
stronger enterprise-wide posture that reduces risk, improves decision-making, and accelerates business.
 
You will work closely with our information technology and architecture teams to:
  • establish threat and risk informed security strategy, ensuring alignment with current and emerging threats in cloud, non-cloud and hybrid environments 
  • develop security staff and services for measurable continuous improvement
  • coach and mentor associates for continued development and results
  • partner across the CISO function, clients, IT and the business to establish goals and develop plans to continually improve security services
 
Summary
Reporting to the CISO, you will drive the activities of multiple internal cybersecurity functions and teams, lead our innovation and strategy efforts globally, and provide actionable oversight of internal and external cybersecurity operations functions and partnerships. You will be a thought and execution leader, a consensus builder, an integrator of people, processes and technology, with the ability to synthesize complex threats and needs into commercially relevant outcomes that align to the corporate strategy. These attributes will be critical in your role as the central commercial voice for cybersecurity in Europe while managing our global threat intelligence, hunting, incident response and operations, digital forensics, static and dynamic code vulnerability scanning, vulnerability management, and risk reporting teams.
 
 What will you be doing: 
 
  • Leading a 24x7 cybersecurity operation which includes but is not limited to:  cybersecurity incident response, threat intelligence, intrusion detection/prevention, malware detection/prevention, data loss detection/prevention, remote access forensics, threat hunting, static and dynamic code vulnerability scanning, external/internal web host scanning, vulnerability management, and risk reporting.  
  • Governing, managing and monitoring the cybersecurity operations capabilities and controls framework in partnership with shared IT services and product teams to protect information assets and effectively mitigate risks to business accepted levels.
  • Working directly with the business departments to facilitate threat and vulnerability informed decision-making, security risk assessment and risk management processes, and working with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
  • Providing regular reporting on the current status of the information security program to senior management and business unit leaders.
  • Progressing the evolution of the company’s security controls toward conformance with ISO 27001, Cyber Security Essentials, GDPR, SOC2, and other applicable standards as required by our business.
  • Directing a team of technical and investigative resources running a global information security incident response process. 
  • Developing short-term and long-term strategic roadmaps providing leadership and direction for the cybersecurity operations team.
  • Managing executive stakeholders with regular dialogue, status reports, and alert escalation.
  • Driving a KPI/KRI metrics and reporting framework to measure the efficiency and effectiveness of the cybersecurity operations team.
  • Keeping management aware of worldwide trends, threats, vulnerabilities, breaches and their potential impact to the businesses.  
  • Developing cybersecurity operations talent and testing their skills through scheduled and ad hoc training exercises.
  • Collaborating with solution providers, contractors and vendors to ensure compliance with service level agreements (SLAs).
  • Keeping abreast of the latest technologies and innovations in information security and monitoring industry trends and threats.
  • Planning and managing the cybersecurity operations budget and leading the team in negotiation strategies with vendors to leverage best pricing and contract term on tool and resource selection/allocation.
  • Continuously communicating cybersecurity best practices and risks to all parts of the business.
  • Ensuring continued compliance with applicable international laws and regulations.
  • Developing relationships with high-level federal, state, and local law enforcement and international counterparts to include in-country national security and international cybersecurity agencies, intelligence, and private sector counterparts worldwide.
 
What we are looking for: 
 
  • Bachelor’s degree in Information Security, Information Technology or related field required; Master’s degree preferred.
  • Minimum of fifteen (15) years’ experience in Information Security to include a required minimum of eight (8) years of progressively increasing leadership experience leading professional staff and managing cyber incident response and threat hunting teams.
  • A natural ability to simultaneously use your technical expertise, strategic mindset and people skills   
  • Intimate knowledge of the Cyber Kill Chain, MITRE ATT&CK, or other relevant cybersecurity defense and intelligence frameworks.
  • Proven global experience leading security incident response, including acting as the point for critical incidents, and coordinating activities with internal and external teams.
  • Strong understanding of technical security controls, including end-user, office, and data center environments, with a verifiable understanding of threats, vulnerabilities, and mitigation techniques in AWS, Google, Azure cloud environments.
  • Able to analyze and think through highly complex issues, but then appropriately execute and implement against a well thought through framework in a seamless manner.
  • Strong interpersonal skills for interfacing with all levels of internal colleagues and external clients across a wide variety of businesses.
  • Strong leadership skills with a proven track record in managing teams and making a positive impact on the organization. A global citizen who is comfortable in all geographies, regions and cultures.
  • Excellent organizational, partner, research, and verbal/written communication skills, with a proven ability to effectively engage Senior Executives, partners, clients and individual technical and business staff 
  • Strategic thinker, keeping big picture in mind while ensuring execution excellence.
  • Ability to demonstrate security experience via certifications (i.e., CISSP, CISM, C-CISO) and significant career accomplishments 
  • Self-motivated and willing to take on challenges while adapting to an ever-changing global threat landscape and internal/external partner operational environment. 
  • Knowledge and experience working within the Intelligence, Defence, Regulated and/or Public Sector markets will be considered a significant advantage.