Threat Defence Operations Manager - Buckinghamshire

IT/Information/Cyber Security
Ref: 150 Date Posted: Monday 28 Nov 2022
Company: Energy
Location: Hybrid, Buckinghamshire
Reports to: Head of Threat Defence
Salary: £70,000 - £80,000
 
The Role
 
The vision for this Threat Defence role is to build on the existing capabilities to develop a best practice threat defence capability. The role offers an opportunity to work with the Head of Threat Defence to define, implement and manage the Threat Defence Operations Management function within the Threat Defence Team. We’re looking for a motivated and experienced individual who wants to join a high performing team and be a part of and influence a transformational journey.
 
Successful candidates will be required to achieve and maintain SC clearance.
 
Main Responsibilities
 
• Assist in documenting and shaping the Security Operations, Reporting and Service Governance to enhance the current capabilities.
• Document and maintain the governance and assurance of the Security Operations services in the strategy through a combination of in-house and outsourced service providers.
• Ensure appropriate documentation is created and maintained for all in-house Security Services and alignment with externally provided services.
• Act as primary contact for the (outsourced) security operations centre service, and for the aligned internal capabilities and services across the enterprise for Security Operations.
• Act as primary contact for Penetration Testing Services, liaising with penetration testing companies and internal stakeholders for scoping and delivery of the services.
• Develop and manage Security Change Management Processes.
• Develop and manage Incident Response Lessons Learned Processes.
• Act as Cyber Security Incident Response Co-ordinator (Incident Action Log).
• Revise and develop processes to strengthen the current Security Operations Framework, including reviewing policies and highlighting the challenges in managing SLAs.
• Deliver improvements to the internal incident reporting process.
• Create reports, dashboards and metrics for Threat Defence Services, and presentations to senior management.
• Co-ordinate with stakeholders, building and maintaining positive working relationships with them.
 
Requirements
 
Vocational Qualifications:
• Relevant experience of working in a threat defence capacity
• A relevant qualification
• Experience in Service Management
• Proven experience of Incident Management and Response
• Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
• Experience in threat management
• Knowledge of various operating system flavours, including but not limited to Windows, Linux and Unix
• Knowledge of applications, databases and middleware, in order to address security threats against them
• Proficient in the preparation of reports, dashboards and documentation
• Excellent communication and leadership skills
• Experience in performing vendor management
• Ability to handle high-pressure situations with key stakeholders
• Good analytical, problem-solving and interpersonal skills
• Working knowledge and experience with MS Office, with proficiency in Excel
 
Experience required:
• Significant experience in information security, especially on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Centre (CSIRC) or a Security Operations Centre (SOC)
• Demonstrable experience of managing outsourced security services and driving continuous improvement
• Demonstrable experience of developing and delivering a cyber defence strategy
 
Specific know-how and technical skills:
• Technical expertise in anti-virus solutions and virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
• Technical expertise in Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), SIEMs and other Computer Network Defence (CND) security tools
• Six Sigma and ITIL