Manage the internal ii Security Operations Team (SecOps) in day-to-day activities overseeing the management, strategy, and direction of our SIEM solution, EDR solutions and security incident management.
Monitor the security landscape, collate reports, evaluate trends and threats against our security posture, and coordinate remediation where required
Management of our external Security Operations Centre (SOC) and oversight of our SIEM solution.
Responsible for the security incident process owning incident response, investigations, and lessons learnt.
Analyse security systems / reports to identify trends and drive secure behaviours throughout the business.
Lead on a threat intelligence, detection, and response programme of work.
Lead the SecOps team on proactively identifying, Investigating, and hunting potential attacks and security risks on networks and systems using various platform dashboards and threat feeds.
Lead the team on analysis of security events as detected by security controls.
Management of Endpoint Detection and Response (EDR) - overall ownership and maintenance of agents, creation of exception rules, and reacting to alerts.
Play a lead role in coordinating and directing team efforts during incidents and ensuring prompt escalation
Oversee the vision and strategy of the Security Operations function, evolving the technology and maturity of the team.

Requirements

5 + years in a cyber security role.
Ability to manage a SecOp’s team.
Ability to define a Security Operations strategy overseeing initiatives to fruition of that strategy.
A deep understanding of technical and network security requirements.
Strong analytical and troubleshooting skills
Ability to proactively identify control weakness and vulnerabilities
Ability to decipher different types of malware and a knowledge of how to deal with it.
Knowledge and use of SIEM tooling i.e. Google Chronicle.
Experience in using the MITRE ATT&CK Framework to understand adversary actions and resulting mitigation techniques.
Excellent attention to detail.
Ability to remain calm under pressure and clearly communicate to all levels of management.
Experience in understanding Firewalls and IDS/IPS and Windows Security Event Logs.
Strong verbal and written communication skills with the ability to articulate complex ideas in easy to comprehend business terms
Ability to quickly understand existing infrastructure, network security principles, data flow and security architectures.
Knowledge of the fundamentals of cloud infrastructure as well as traditional technologies.
·Degree in IT / Cyber preferred or industry recognised qualification.

Benefits

Group Personal Pension Plan – 8% employer contribution and 4% employee contribution
Life Assurance and Group Income Protection
Private Medical Insurance – Provided by Bupa
25 Days Annual Leave, plus bank holidays
Staff Discounts on our investment products
Personal & Well-being Fund – Supporting your physical and mental wellness
Retail Discounts – Savings at a wide range of high street and online retailers
Voluntary Flexible Benefits – Tailor your benefits to suit your lifestyle

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cyber securitysecurity incident managementthreat intelligenceincident responseanalytical skillstroubleshooting skillsmalware analysisSIEM toolingMITRE ATT&CK Frameworknetwork security

Soft Skills

team managementstrategic planningattention to detailcalm under pressurecommunication skillsanalytical thinkingproactive identificationleadershipcollaborationproblem-solving

Certifications

degree in ITdegree in Cyberindustry recognised qualification