The IT Security Operations Lead is responsible for the day-to-day management of a small security operations centre (2/3 people) with responsibility for SIEM, Vulnerability Management, Network Security, Secure Configuration, Certificate Management, Penetration Testing etc., and possesses excellent knowledge of security tools, standards and industry best practices.
Reporting to the Head of IT Security, the Security Operations Lead will have responsibility for the day-to-day management of the security operations team, working in close collaboration with internal stakeholders, outsourcing partners and external vendors to monitor and manage all aspects of the security operations centre including (but not limited to) infrastructure and application patching, vulnerability management, activity monitoring and more. This is a hands-on role with a 70/30 split between security operations and lead activities.
- Day-to-day management of the security operations centre, ensuring an optimal level of security is maintained
- Work closely with technology teams on the implementation of policies, procedures and controls to ensure that the organization’s practices remain compliant with industry best practice standards, as well as implementing and managing security technologies that will maintain and raise the overall security posture of the organization
- Manage a regular external and internal scanning/pen testing program
- Investigate cyber security incidents and operate software/hardware to protect information systems and all infrastructure
- Input into overall organisational security strategy
- Make recommendations to control any risks identified and ensure they are implemented
- Responsible for performance management and capability development of Security Operations team members
- Work with Security Architecture and key stakeholders in tracking latest IT security innovations and keeping abreast of latest cyber security technologies
- Comply with the latest regulatory and compliance requirements
- Assist with production of the monthly and quarterly security management dashboard
Required Skills and Competencies
- BSc or MSc in Computer Science, Information Security or equivalent experience
- 5+ years of experience in IT Cybersecurity with a strong track record of managing a security team
- A proven track record in a similar IT Security role in the Finance/Insurance industry
- Minimum 3-5 years relevant experience in IT security
- CISSP, CISM, CISA or other industry security certifications highly beneficial
- ITIL certification a significant advantage
- Experience working with security controls across 1 or more domains: Access Management, Network Security, Data Security, Vulnerability Management, etc.
- Experience of working with/managing NAC, SIEM and PAS/PAM
- Develop and establish security management processes
- Good knowledge of IT security standards, best practices, processes and systems (ITIL, ISO 27001 and/or COBIT) – qualifications in these areas would be advantageous
- Passion for IT Security and for keeping abreast of the latest cyber security technologies
- Good knowledge of security from the perspective of securing servers, workstations, network infrastructure, web applications, architecture and access management, as well as PCI-DSS requirements
- Ability to communicate complex technical ideas in a simple way to non-specialist audiences
- Solid people management skills – providing direction, monitoring performance, motivating staff and building a positive working environment
- Ability to adapt to a fast-moving IT landscape and keep pace with the latest thinking and new security technologies, with a passion for technology and IT security
- Strong stakeholder focus – able to meet the demands of internal and external customers