Role Purpose:
We are recruiting for a Security Operations Team Lead to join the IS team at a valued client of ours. You will lead the SecOp's team and help maintain and protect their key business assets from threats and risks by monitoring, detecting, analysing, and responding to security incidents.
KEY RESPONSIBILITIES:
• Lead the internal Security Operations Team (SecOps) in day-to-day activities overseeing the management, strategy, and direction of our SIEM solution, EDR solutions and security incident management.
• Monitor the security landscape, collate reports, evaluate trends and threats against our security posture, and coordinate remediation where required
• Management of our external Security Operations Centre (SOC) and oversight of our SIEM solution.
• Responsible for the security incident process owning incident response, investigations, and lessons learnt.
• Analyse security systems / reports to identify trends and drive secure behaviours throughout the business.
• Lead on a threat intelligence, detection, and response programme of work.
• Lead the SecOps team on proactively identifying, Investigating, and hunting potential attacks and security risks on networks and systems using various platform dashboards and threat feeds.
• Lead the team on analysis of security events as detected by security controls.
• Management of Endpoint Detection and Response (EDR) - overall ownership and maintenance of agents, creation of exception rules, and reacting to alerts.
• Play a lead role in coordinating and directing team efforts during incidents and ensuring prompt escalation
Requirements
• 5+ years in Cyber Security positions
• Degree in IT / Cyber preferred or industry recognised qualification.
• Strong Knowledge and use of SIEM tooling
• Ability to lead a SecOp's team and follow a defined strategy.
• A deep understanding of technical and network security requirements.
• Experience in using the MITRE ATT&CK Framework to understand adversary actions and resulting mitigation techniques.
• Excellent attention to detail.
• Ability to remain calm under pressure and clearly communicate to all levels of management.
• Experience in understanding Firewalls and IDS/IPS and Windows Security Event Logs.
• Ability to quickly understand existing infrastructure, network security principles, data flow and security architectures.
• Knowledge of the fundamentals of cloud infrastructure as well as traditional technologies.
Benefits
• Group Personal Pension Plan – 8% employer contribution
• Life Assurance and Group Income Protection
• Private Medical Insurance
• 25 Days Annual Leave, plus bank holidays