Technical Threat Manager

Job Description

Primary DetailsTime Type: Full time Worker Type: Employee Technical Threat Manager London/Hybrid Its an exciting time to be at QBE...Were going through a period of company-wide transformation and modernisation with the aim of providing the best service to our customers! Are you ready to make your career at QBE We are on the lookout for passionate and diverse Technical Threat Managers to help drive essential planning and execution of all purple teaming engagements, attack simulations whilst manging deception technology globally. You will be working closely with other teams within Group Cyber Security to push the boundaries of technology in a fast-paced and dynamic environment. Investing in Technology is a big part of our transformation, but it is not all about the tech. Its the way we think and work every day and our people key to this. Which is why were just as focused on investing in you. Your responsibilities for this role may include, but are not limited to:

• Manage the delivery and daily operations for the Advance Threat Services function, consisting of the purple team engagement and deception operations. The goal is to continually improve the threat detection, prevention, and response capabilities for QBE:
• Manage the global attack simulations to identify gaps in detection and prevention capabilities and offer guidance on necessary improvements.
• Manage the development of the Attack Simulation Platform and Deception technology.
• Drive the collaboration on scoping of purple team projects with our security partners and Global Security Operations.
• Develop and maintain cyber detection rules and use cases to detect threats and security risks in QBEs IT infrastructure.
• Build custom detection rules for specific environments and systems to improve the accuracy and effectiveness of the detection systems.
• Lead the development of automation for both purple team and deception operations. In addition, any defensive activities to support the security operations.
• Provide expertise on the latest attacker techniques and behaviour, exploring detection and prevention methods to improve QBE security controls.
• Influence and communicate with other divisions within Group Cyber Security, Engineering, and Global IT to advance detection, prevention, and response approaches through information sharing and Cyber defensive training.
• Manage and hunt for threats by developing hypotheses, defining search criteria, validating findings, and suggesting corrective measures.
• Create and maintain threat hunting procedures for QBE by working closely with the Threat Intelligence team.
• Assist in the recommendations for security configurations for both purple team and deception infrastructure at QBE.
• Educate global team members on technical topics pertaining to red and blue team activities within security operations, helping upskill the global team.
• Support the GSOC team with Incident Response when required.
• Produce comprehensive reports with meticulous attention to detail.

You will need to be able to display you have the following qualifications and experience:

• 3 years experience in driving or delivering both offensive and defensive security programs.
• Advanced understanding of tactics, techniques, and procedures that modern attackers use to compromise organisations.
• Experience in conducting both red team and purple team engagements that simulate real-world attack scenarios.
• Developing and implementing effective strategies for cyber threat hunting, building detection, and offensive security.
• Advanced technical expertise of security solutions and technologies, including Windows, Linux, applications, networking, and architecture.
• Manage relationships with global security operations colleagues and other departments, including network teams and incident managers.
• Demonstrated ability to make decisions on remediation and counter measures.
• Be able to communicate effectively and update senior stakeholders globally.
• Experience in managing a technical team and technical deliverables.
• Analytical and problem-solving skills
• Excellent communication and interpersonal skills

Preferred Licenses/Certifications

• Security certifications in any of the following SANS (GCIH, GCIA, GPEN, GREM), ISC2 (CISSP, CCSP), ISACA, CEH, CREST, OSCP or equivalent

Why QBE We understand that one size doesnt fit all and that priorities can change depending on your life stage. That is why our blend of wellbeing initiatives and benefits offer flexibility to suit what matters most to you. Its in the culture of our business, ourQBE DNA, to support our people. Everything we do is underpinned by our QBE DNA - because we know its not just what we do that matters, its how we do it that makes the difference . In addition to this, we also offer flexible parental leave for both parentsand have several employee network groups that support and empower our diverse workforce. At QBE, we view our people as our most precious asset. We understand the importance of fostering a work environment that is responsive to the changing needs of todays workforce. QBE aims to build a workplace that is fair and inclusive because we want to attractand retain the best people to do the job, we have adopted flexible working across the company and welcome this conversation (https://careers/flex-qbe/) . Some of the awards QBE are proud to have won, been a finalist for, and shortlisted for include; " 5-star Diversity, Equity and inclusion (DEI) awards, 2023 Winner - Insurance Business Canada Employer of the Year 2022 Winner - Insurance Insider British Claims Awards 2022 Winner - InsurTech Award " Insurance Times Claims Excellence Awards 2022 Winner - Claims Product Solution of the Year " Working Families Best Practice Awards 2021 Finalist for: Best COVID-19 Response" " Insurance Post British Insurance Awards 2022 Shortlisted for: Best Customer Care, Diversity & Inclusion Initiative of the Year 2022, Specialist Insurer of the Year (for Construction), General Insurer of the Year " We are proud to have partnerships with organisations such as Stonewall and Working Families, and our commitment to the Women in Finance Charter, the UN Womens Empowerment Principles and Race at Work charter helps keep us accountable and transparent Inclusion of Diversity We are striving to create a workplace culture whe