Security Operations Manager

Full Time, Bristol, Bristol (County), IT Job Pro UK


Based in Bristol

Flexible working from home/office

The Opportunity

The successful candidate will be responsible for planning, directing and controlling the SOC functions and operations. They will ensure the monitoring and analysis of incidents to protect People, Technology and Process, addressing all security incidents and ensuring timely escalation. They will also direct the Cyber Intelligence capability to identify potential threats, delivering strategic reports and strategies to minimise the impact of the threat.


Leading and managing the Security Operations and team of security operational staff members

Primarily responsible for directing security event monitoring, management and response and cyber intelligence

Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring

Ensuring compliance with policy, process and procedure, and process improvisation to achieve operational objectives

Revising and developing processes to strengthen the current Security Operations Framework, reviewing policies and highlighting the challenges in managing SLAs

Responsible for initiation of corrective action where required for Security Operations Centre

Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness

Ensuring threat management and threat modelling, identifying threat vectors and developing use cases for security monitoring

Creation of reports, dashboards and metrics for SOC operations to support presentations to senior management

Act as the primary focal point for potential Security Incident escalation during a major incident/crisis situation in conjunction with Head of Cyber Operations

Provide direct line management, coaching and mentoring for ARCHANGEL™ Analysts engaged in monitoring, alerting and incident handling

Maintain Operational 'best practice' within the SOC, promoting a standing high-degree of professional attention to detail for all outputs generated in the course of ARCHANGEL™ SOC normal business

Establish strong and sustainable working and sharing relationships with internal Stakeholders and Customers for operational reporting and Incident Handling

Maintain a broad and current understanding of evolving threats and vulnerabilities to ensure the integrity of monitored networks is maintained in conjunction with the CIRT

Provide SME input into ARCHANGEL™ business development opportunities as required in order to help define potential improvements to Service

What we are looking for

Demonstrable track record within Cyber Security Operations, including Security Monitoring, Incident Handling, Incident Response and Threat Intelligence

SIEM and IDS experience

Be able to be cleared to UK SC.

In-depth understanding of Cyber Security and Information Governance (ISO27001, NIST CSF)

Experience of working within technically complex environments or on a project with multiple participants.

Ability to assimilate information, take decisions and communicate to stakeholders.

Ideally CISSP or CISM

Proven experience of general technology infrastructure technologies and principles

Strong leadership qualities and experience

Finger on the pulse with the latest developing trends in cyber-attack techniques, cyber kill chain, and effective compensating mitigation and detection controls

Knowledge and understanding of up-to-date security threats and common exploits

Understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory

Knowledge and experience working with security tools used to monitor business environments (SIEM, netflow, IDS/IPS, Vulnerability Management, Advanced malware detection, EDR, AntiVirus etc).

Operational knowledge of Service Level Agreements (SLAs) and their delivery.

Understanding of technical trends within the ICT or cyber security industry and how modern technology can be harnessed to enhance the delivery of services
