Security Operations And Responce Manager

The role requires technical knowledge of typical corporate IT systems, cloud native services and monitoring architectures though you will be expected to also contribute to the general security architecture and management of security while this is being established.

You will run all operational activities with regard to monitoring and response by selecting an MSSP SOC provider for us and ensuring that my client is adequately covered and the MSSP provider is integrated and performing as expected.

When established with a provider (to be chosen) the Security Operations and Response function will provide oversight and escalation of the security monitoring, incident response, and threat analysis for the firm. The function is responsible for managing the daily activities of system event logging, IDS monitoring, data leakage prevention, and incident triage, response, and analysis.

They also provide support for security investigations and incident management. They ensure the continuous monitor, detection, and response to security incidents and help improve the security posture of the firm by sharing lessons learned from responding to incidents.

Experience

• Demonstrable experience security monitoring and response and ability to run selection processes of a MSSP and other vendors.
• Proven experience operating or supervising a SOC function either at a vendor or within a corporation
• Management or operations of a SOC in typical corporate systems and cloud native applications.
• Solid understanding of regulatory and compliance requirements, including security frameworks such as NIST CSF, ISO 27001 and GDPR
• Experience of working under pressure and demonstrable experience of security incident management.
• Experience or commissioning Crisis Management scenarios and tabletop exercises with senior managers to prepare response capabilities
• Experience of managing and escalating issues and risks as they develop in clear and understandable ways to senior stakeholders.
• Holder of recognised, current security certificate (e.g. CISSP/CISM)
• Experience working in regulated environments/banking
• Ability to perform or commission assessments; identify security threats and vulnerabilities across the corporate enterprise; implement controls; provide reporting and analysis to appropriate teams
• Comfortable communicating across all levels of an organisation