CSIRT Manager Cyber / Security / Incident

Job Description

GSA Techsource are currently recruiting for a CSIRT Manager to work for a Global IT Service Provider. This is an initial 6 month contract with high likelihood of an extension.The CSIRT Manager is responsible for establishing and leading a high performing security operations functio. This role will report directly to the Head of Security Operations and oversee the implementing, management and assurance of the clients security incident, management and response team.You will assist with the formulation of the enterprise strategy, processes and assurance model to deliver a Security Operatation Service across the clients Market and Business Units. Working to provide assurance for consistent process being applied with the MUs and BUs for Detection and Response to identified incidents.This role is responsible for maintaining the Security Operations management strategy and processes in conjunction with the wider MU CISO teams. You will act as the business owner and subject matter expert on Security Operations, providing guidance and managing the full lifecycle of reported incidents through to closure.Knowledge and Experience Required: - A technical degree and / or industry recognised qualification and demonstrable experience in Information Security Management (e.g. CISSP, CISM, or GIAC Certification).- A sound understanding of British and International Security Standards (e.g. CIS security benchmarks, ISO/IEC 27001, ISO/IEC 27002, NIST, CSC20, PCI-DSS) relevant UK and EU privacy legislation (especially Data Protection Act 1988 and EU GDPR) and the UK regulatory environment (e.g. ICO, FCA, PRA and CQC).- A logical approach to conceptual thinking and the ability to solve problems to the highest quality in different scenarios.- Ability to maintain a high degree of confidentiality.- Influencing and facilitating people within BINS and the other Market Units, business teams globally and external parties (for example the clients customers, Regulators, Third Party Suppliers, Offshore Partners and other business relationships).- Delivering persuasive messages with excellent written and verbal communication skills.Accountabilities & Activities: The role will: - Engage with the wider business to understand the security risks and threats to the client and use this to inform requirements for the security incident, management and response team.- Develop and maintain a high performing security incident, management and response function with the people, processes and technologies required to detect and respond to sophisticated cyber security events across various technologies used by the client.- Co-ordinate activities with the security engineering team through the operation, development and implementation of process, procedures and tools to identify, manage, secure and consolidate event information into actionable output capable of initiating SOC incident management services.- Establish the process, procedure, tools, measures and metrics to ensure identification and remediation of operational deficiencies, providing KPI data from which to predict the effectiveness of security operations and services.- Develop, implement and manage the deployment of a 24x7 incident, management and response service ensuring that the clients IT integrity and security is assured through a continuous process of effective monitoring.- Develop, implement and manage the Incident Response framework to manage security incidents from identification to closure.- Embed applicable Enterprise Security Policies, Standards, Tools and Processes into the incident, management and response function.- Develop and manage relationships with strategic third-party information security suppliers, partners and industry forums- Provide IT security consultancy and guidance, ensuring business needs remain compliant with industry regulations, internal information risk policies and standards.This contract will begin working remotely with a view to returning to the office, probably on a part time basis. Office locations are either Salford or Staines.This role is inside IR35.GSA Techsource Ltd operates as an Employment Agency when recruiting for permanent vacancies, and an Employment Business when recruiting for contract vacancies. All contract rates quoted are to Ltd companies.