Title: Head of Operational Security
Reference No: 2181
Location: London, UK
Reports to: CISO
Day Rate: TBC
Duration: 5 months
This role reports to the CISO and is part of the security leadership team.
An analytical problem solver with demonstrable long-term experience leading and improving operational security functions who enjoys working as part of a team in a rapidly evolving environment. Experience of securing a large-scale DevOps and Cloud environment is a must. Secure handling of large volumes of customer data is vital.
As the Head of Operational Security, you will be responsible for leading and driving improvement within SOC activities (Tier 1 & 2), Incident Response, SecOps Automation, Threat Intelligence and Security Posture Management. Reporting to the CISO (who is responsible for Cyber Security, Physical Security and Fraud Prevention), this role is a member of the security leadership team. Partnership with the Infrastructure and Operations team, particularly for incident management, is essential, so you’ll need to be collaborative and good at transparent communications. We’re quite passionate about protecting our colleagues and the brand, so we would love someone who can thrive and develop in an ever-growing and changing security landscape.
• Develop an operational security strategy to create a step change improvement in capabilities. Build and deliver the services in the strategy.
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
• Revise and develop processes and automation to strengthen the current security operations framework, drive efficiencies and reduce time to respond.
• Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring.
• Deliver improvements to the internal incident reporting process.
• Responsible for team & vendor management, overall use of resources and initiation of corrective action where required.
• Responsible for managing the completeness and cost of data ingestion into security tooling.
• Creation of reports, dashboards and metrics for operational security and their presentation to senior management.
• Co-ordinate with stakeholders, and build and maintain positive working relationships with them.
• Develop crisis simulation exercises to meet regulatory requirements and to enhance the response capability.
• Build relationships with other relevant organisations and industry bodies to bring in best practice.
• The successful candidate will demonstrate competency in cyber security through relevant work experience, a completed degree or industry-relevant certifications (e.g., CISSP, CISM, CISA, CRISC)
• Significant experience in operational security, especially managing a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Centre (CSIRC) or a Security Operations Centre (SOC)
• Experience in industry standards and frameworks, such as ISO 27001, PCI DSS and NIST CSF
• Relevant experience of working in an operational security capacity
• Experience in security device management and SIEM
• Proven experience of Incident Management and Response
• In-depth knowledge of security concepts such as TTPs, threat vectors, risk management, incident management etc.
• Experience in threat management
• Proficient in preparation of reports, dashboards, presentations and documentation
• Excellent communication and leadership skills
• Experience in getting the best from vendors
• Ability to handle high pressure situations with key stakeholders
• Good analytical, problem-solving and interpersonal skills
• Ability to react quickly, decisively, calmly and deliberately in high-stress, high-impact situations
• Motivated self-starter who can create a pragmatic plan to deliver from a blank page
• Data-driven with an innate curiosity and drive for transparency through rigorous measurement
• Sense of urgency to resolve security incidents and risks
• A team-focused mentality with excellent relationship management skills
• Fast learner who can assimilate information quickly
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
• An understanding of organizational mission, values, and goals and consistent application of this knowledge