HEAD OF SECURITY OPERATIONS
£80,000 – £85,000
Our Global Fortune 500 Client currently have an exciting opportunity for a Hands-On Head of Security Operations to join their team. Working closely with the CISO, the successful individual is required to protect esure’s Information Systems & Networks from security breaches and cyber threats. The role involves leading a team of Security analysts and specialists responsible for responding to security events, conducting investigations, and improving a portfolio of cybersecurity tools, with that team management experience is required for the role. The Head of Security Operations will also get the opportunity to lead on various projects and be involved in vendor selections.
Key Responsibilities of the Head of Security Operations will include:
- Operational Oversight: Lead daily operations of the Security Operations Team, including detection, response, and resolution of security incidents.
- Team Leadership: Lead, train, and mentor and develop the team.
- Investigations: Coordinate the management and escalation of security incidents, coordinating responses with internal and external partners, including Legal, DPO, and Fraud teams.
- Vendor Management: Manage relationships with external vendors to ensure the receipt of high-quality and timely services.
- Policy Enforcement: Ensure that all security operations are conducted in accordance with company policies and regulations.
- Reporting: Regularly update the CISO and other senior leaders on the status of ongoing security operations initiatives and the current risk posture. Provide security operations metrics for monthly KPI and KRI indicators.
- Monitoring and Analysis: Continuously supervise security systems, analyse potential threats and vulnerabilities, and use security and network tools to identify and categorize incidents.
- Incident Response: Take timely action in the case of a security breach
- Security Tooling: Maintain and update security operation tools to improve threat detection.
- Threat Intelligence: Stay up to date with the latest intelligence on cybersecurity threats, including malware, ransomware, and phishing tactics, to pre-empt potential attacks.
- Runbook and Policy Development: Develop security policies and runbooks and assist in conducting regular audits to ensure compliance.
- Training and Education: Provide advice and training to staff to raise awareness of InfoSec and promote good security practices.
- Standby & Callout: Provide out-of-hours support as part of a standby rota for high-priority alerts and incidents outside of business hours.
- Continuous Improvement: Recommend and implement new cyber initiatives to evolve esure’s cyber capability.
Key Skills & Experience:
- Proven Experience within Cyber Security environments
- Certifications such as CISSP, CISM, or other relevant credentials are helpful.
- Experience leading security incidents in an enterprise setting. Experience with fraud and financial crime investigations is desirable.
- In-depth understanding of information security concepts, cyber risk management, and various security technologies, including EDR, DLP, SWG, ZTNA, SIEM, Email Gateway, and Firewalls.
- Strong leadership skills and being dedicated to mentoring and upskilling multi-disciplinary teams.
- Hands-on experience with Active Directory, AWS, and Azure cloud platforms, as well as Windows and Linux operating systems.