The IT Security Operations Lead is responsible for the day-to-day management of a small security operations centre with responsibility for SIEM, Vulnerability Management, Network Security, Secure Configuration, Certificate Management, Penetration Testing etc. and possesses excellent knowledge of security tools, standards and industry best practices.
The Security Operations Lead will have responsibility for the day-to-day management of the security operations team working in close collaboration with internal stakeholders, outsourcing partners and external vendors to monitor and manage all aspects of the security operations centre including (but not limited to) infrastructure and application patching, vulnerability management, activity monitoring and more.
Hands-on role with a 70/30 split between security operations and lead activities.
- Day-to-day management of the security operations centre, ensuring an optimal level of security is maintained and aligned to industry best practice
- Work closely with technology teams on the implementation of policies, procedures, and controls to ensure that the organization’s practices remain compliant with industry best practice standards, as well as implementing and managing security technologies that will maintain and raise the overall security posture of the organization
- Investigate cyber security incidents and operate software/hardware to protect information systems and all infrastructure
- Input into overall organisational security strategy
- Make recommendations to control any risks identified and to ensure they are implemented.
- Responsible for mentoring and capability development of Security Operations team members
- Work with Security Architecture and key stakeholders in tracking latest IT security innovations and keeping abreast of latest cyber security technologies
- Complying with the latest regulatory and compliance requirements
- Assist with production of the monthly and quarterly security management dashboard
- BSc or MSc in Computer Science, Information Security or equivalent experience
- 5+ years of experience in IT Cybersecurity with a track record of mentoring and developing junior staff
- A proven track record in a similar IT Security role in the Finance/Insurance industry
- Experience working with security controls across 1 or more domains: Access Management, Network Security, Data Security, Vulnerability Management, Group Policy, Security Incident Event Monitoring, EDR etc.
- Develop and establish security management processes
- Good knowledge of IT security standards, best practices, processes, and systems (ITIL, ISO 27001 and/or CoBIT) – qualifications in these areas would be advantageous
- Passion for IT Security, keeping abreast of the latest cyber security technologies
- Good knowledge of security from the perspective of securing servers, workstations, network infrastructure, web applications, architecture, and access management, as well as PCI-DSS requirements
- Ability to communicate complex technical ideas in a simple way to non-specialist audiences
- Solid people management skills – providing direction, monitoring performance, motivating staff and building a positive working environment
- Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies