Cyber Security Operations Lead

Job Description

Cyber Security Operations LeadIncredible opportunity for someone who is looking to progress their career rapidly into senior cyber security management. This role is with a large-scale multinational group organisation of over 60,000 staff operating within the Critical National Infrastructure domain. The business is in the process of a rapid expansion within its cyber and infosec capability and youll be joining the team at a reasonably early stage in this process.The role will ideally suit an individual with a technical background, who has worked in a SOC / Security Operations Centre in a reasonably senior capacity (e.g., a Senior SOC Analyst or SOC Lead / Manager).Alternatively, it could also be a good fit if you have a strong understanding of Security Controls, Vulnerability Management, Incident Response.While initially there is no requirement to manage a team, it is expected that for the right person youll progress quickly into management, for which full support will be provided. What youll do:Work closely with the Head of Security Operations and other internal stakeholders to:

• Ensure the IT security requirements for the Group infrastructure estate are correctly functioning and that IT security controls are in place and correctly managed.
• Work with outsourced security suppliers to help manage such security services that are not provided in-house (for example the SIEM - currently Splunk).
• Assist in the definition and implementation of a KPI framework that can be used to measure effectiveness of controls, and provide regular reporting on this.
• Support the running and provision of vulnerability assessments to the business and support mitigation projects, as necessary.
• Support the maturity and operations of the (outsourced), Security Operations Centre (SOC).
• Support the running of monitoring systems for intrusion detection and prevention;
• Occasionally act as the first line of incident response / escalation.
• Investigate suspected (and actual) security incidents in accordance with the security incident management standard, producing reports with recommendations and ensure remedial action is taken.
• Auditing of identity and access control systems.
• Support the implementation of a zero-trust identity framework including Multifactor authentication, Privilege Identity Management (PIM) and Conditional Access.
• Support the implementation of Endpoint Security Solutions across the Group
• Work with operational teams to support incident response resolutions.
• Understand and drive vendor relationship for cyber security products or services that are in production
• Support the IT Security elements of the Groups move towards cloud-based solutions.

Skills and experience desired (you do not need all of the following):

• A technical background in infrastructure or application support
• A strong understanding of technical security controls
• Experience managing security testing requirements
• Knowledge of some of the following areas of IT Security; Digital Cyber Security, Identity and Access Management, Authentication and Single Sign On; Audit; Secure Communications and Cryptographic Services; network protection, SIEM technologies, web proxiesand Office365.
• Excellent written and verbal communication skills, with an ability to explain complex topics to a non-technical audience (at all levels of the organisation)

Its a great time to get involved with an ambitious, prosperous organisation with a great company culture. Great work-life-balance and excellent career progression opportunity.Sunderland based.Flexible working allowed (work from home).Paying up to £55,000 + corporate benefits.