£60000 - £70000 per annum + Company Benefits
Security Operations Manager
Based in Bristol
Flexible working from home/office
The successful candidate will be responsible for planning, directing and controlling the SOC functions and operations, ensuring the monitoring and analysis of incidents to protect People, Technology and Process, addressing all security incidents and ensuring timely escalation. They will direct the Cyber Intelligence capability to identify potential threats, delivering strategic reports and strategies to minimise the impact of each threat.
Leading and managing the Security Operations and team of security operational staff members
Primarily responsible for directing security event monitoring, management and response and cyber intelligence
Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
Ensuring adherence to policy, process and procedure, and driving process improvement to achieve operational objectives
Revising and developing processes to strengthen the current Security Operations Framework, reviewing policies and highlighting the challenges in managing SLAs
Responsible for initiation of corrective action where required for Security Operations Centre
Ensuring daily management, administration and maintenance of security devices to achieve operational effectiveness
Ensuring threat management and threat modelling, identifying threat vectors and developing use cases for security monitoring
Creating reports, dashboards and metrics for SOC operations to support presentations to senior management
Act as the primary focal point for potential Security Incident escalation during a major incident/crisis situation in conjunction with Head of Cyber Operations
Provide direct line management, coaching and mentoring for ARCHANGEL™ Analysts engaged in monitoring, alerting and incident handling
Maintain Operational 'best practice' within the SOC, promoting a standing high-degree of professional attention to detail for all outputs generated in the course of ARCHANGEL™ SOC normal business
Establish strong and sustainable working and sharing relationships with internal Stakeholders and Customers for operational reporting and Incident Handling
Maintain a broad and current understanding of evolving threats and vulnerabilities to ensure the integrity of monitored networks is maintained in conjunction with the CIRT
Provide SME input into ARCHANGEL™ business development opportunities as required in order to help define potential improvements to Service
What we are looking for
Demonstrable track record within Cyber Security Operations, including Security Monitoring, Incident Handling, Incident Response and Threat Intelligence
SIEM and IDS experience
Must be eligible for UK SC clearance.
In-depth understanding of Cyber Security and Information Governance (ISO27001, NIST CSF)
Experience of working within technically complex environments or on a project with multiple participants.
Ability to assimilate information, take decisions and communicate to stakeholders.
Ideally CISSP or CISM
Proven experience of general technology infrastructure technologies and principles
Strong leadership qualities and experience
Finger on the pulse with the latest developing trends in cyber-attack techniques, the cyber kill chain, and effective compensating mitigation and detection controls
Knowledge and understanding of up-to-date security threats and common exploits
Understanding of the underlying protocols and data used as the basis for the security monitoring service, including HTTP, HTTPS, SQL, TCP/IP and Active Directory
Knowledge and experience working with security tools used to monitor business environments (SIEM, netflow, IDS/IPS, Vulnerability Management, Advanced malware detection, EDR, AntiVirus etc).
Operational knowledge of Service Level Agreements (SLAs) and their delivery.
Understanding of technical trends within the ICT or cyber security industry and how modern technology can be harnessed to enhance the delivery of services.