Security Operations Manager - Infrastructure / Networking / Cyber

Job Description

Job Market - IT / Infrastructure & Security

Location - London

Security Operations Manager - About the role

My client, a leading City-based specialty insurance group, is looking to hire a Security Operations Manager who will be responsible for overseeing the Security Operations team.

The team deploys process and technology to continuously monitor and improve the company's security position, while preventing, detecting, analysing, and responding to cybersecurity incidents. You will also deputise for the Information Security Officer, with the potential to develop into this role.

Security Operations Manager - Key duties

Oversee the design and delivery of Security Operations (including SOC) strategy and operating model

Lead and supervise the Security Operations team, including hiring, training, and managing both permanent and temporary staff

Direct the investigation of any suspicious activities and/or security events from any sources to ensure they’re contained, remediated, and reported as detailed within the Security Incident Response framework

Manage and continually improve the integration, efficiency, and effectiveness of the 3rd party managed SOC solution to ensure the appropriate events and logs are being collected, analysed, and alerted on, for both local and cloud-based events

Improve and regularly test the effectiveness of the Security Incident Response framework

Develop, document and continually improve a formal threat intelligence program

Deputize for the Information Security Officer with the potential to develop into that role

Support the Information Security Officer by providing regular updates on key operational security metrics and emerging risks

Oversee the implementation, management, and continual improvement of security technologies both on premise and in the cloud (e.g. SIEM solution, anti-virus, privileged access management, CASB, web and email filtering, SPF/DMARC, vulnerability and configuration scanning) and the processes that support them

Where possible, integrate and harmonize disparate security technologies and processes to improve their overall efficiency and effectiveness (e.g. integrate A/V with ACS tech, evaluate and implement/extend cloud security tools)

Develop, implement and maintain Security Operations controls and the key performance indicators (KPIs) that accurately measure compliance to them

Act as the primary escalation point for any operational security issues reporting into the Information Security Officer

Security Operations Manager - Key requirements

Experience working in a Security Operations function

Strong knowledge of the Wintel environment at an infrastructure level, most importantly from a networking perspective

Strong, proven experience managing a technical security incident response program

Desirable

Experience with ISO 27001 or NIST Cybersecurity Framework

Incident Response - SANS GIAC Incident Response or similar

Networking - CCNP or equivalent

Cloud Security - CCSP, CCSK, PCSM, CCSS, and/or any specific Cloud Security certificate (e.g. Google, AWS, Azure)

General Security - CISSP, CISM

Any SecOps related certifications, including security vendor certifications