Job Description
Cyber Security Operations Lead | 12 Months (Outside IR35) | Hybrid (Edinburgh)
Harvey Nash's client is recruiting for a Cyber Security Operations Lead on a 12-month contract.
Main Responsibilities
* Use understanding of digital systems and attack frameworks to apply theory to practice.
* Be aware of the current cyber threat landscape and industry best practices and standards.
* Lead on improvement to coverage and depth of security monitoring and vulnerability scanning
* Design vulnerability data gathering and prioritisation procedures
* Act as technical escalation point for analysts on significant incidents and investigations, including hands-on experience
* Establish procedures for intelligence ingestion and threat hunting
* Work with architects and interpret designs to ensure strong handover to SecOps during new service go-live.
* Recommend and implement improvements to SecOps processes and tools (e.g. automation of workloads)
* Design security KPIs and SecOps management reporting, and the gathering of data in support of them
* Own completion and accuracy of all SecOps-related product delivery evidence
Key Skills
* Security products (M365 Defender stack, Sentinel/SIEM, email filtering (including authentication protocols), AV, firewalls, WAFs, Defender for Cloud)
* Security Testing (SAST, DAST, vulnerability scanning, configuration compliance scanning)
* Virtualisation platforms and operating systems, including Hyper-V and Windows Server.
* Enterprise Systems (Azure, M365, Intune, email, PKI, AD, GP, SCCM)
* Application platforms (MS Dynamics, Power Platform)
* Cloud platforms (Azure)
* Detection engineering (Log Ingestion, Rule Development, Tuning and Maintenance, detection testing)
* Security monitoring service delivery and improvement
* Vulnerability detection service improvement, finding prioritisation and reporting.
* Ability to communicate on technical issues with users and senior managers
* Recent experience in incident response
* Ability to work well in a small team with internal colleagues and suppliers
* Ability to self-start, accept ownership and oversee organisation-wide protective responsibilities
* Ability to share knowledge and experience with colleagues, including mentoring of analysts
This role falls outside of IR35 and is hybrid working with the expectation to attend the Edinburgh office as and when required. Please note that for this role you must have or be happy to get a Standard Disclosure Scotland. To apply, please send your CV using the link.