We are recruiting for a Head of Information Security Operations to ensure that the confidentiality, integrity, and availability of information systems are maintained to protect customer, corporate, and third-party data. You will be responsible for the management of the CERT function as well as the management of the SIEM and SOC partners.
This is a hybrid position with 2 days required on site each week.
Responsibilities
* Creation and maintenance of Information Security processes and procedures to support business policies and operations.
* Provide leadership and management of Information Security Operational teams to ensure efficient and effective, proactive and reactive security monitoring and defense across information assets.
* Ensure regular KPIs are developed and maintained, identify areas for improvement, and make recommendations accordingly.
* Be the lead in Cybersecurity incident response and ensure processes, procedures, and playbooks are efficient, effective, and tested regularly in line with policy.
* Develop and maintain a schedule of operational checks to ensure the confidentiality, integrity, and availability of information assets are maintained and in line with compliance and regulation.
* Act as an escalation point for Information Security Incidents, changes, and problems.
* Responsibility for IDAM management and control.
* Production of Risk Landscape documentation in conjunction with the Information Security Risk functions and other colleagues.
Experience
* 5+ years of commercial experience with the following technologies/systems:
* Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering
* SIEM
* Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies
* Vulnerability Security Scanning
* Microsoft Windows Server family of products.
* Operational experience of PCI DSS
* Citrix XenApp, remote access products
* LAN & WAN networking using routers, switches, and infrastructure products.
* Good understanding of TCP/IP
* Identity and access management systems
* Active Directory, GPO Configuration
* Citrix/VMware
* Experience of managing and developing a SIEM system, and feeding events into a SOC in order to identify and alert on security incidents
* Understanding of security issues and ability to allocate work to appropriate resources and manage escalations effectively
* Understanding of vulnerability management and defense against attacks in order to drive improvement across the business
* Understanding of Identity and Access Management function and technology in order to drive improvement of the function