Search Vacancies

Security Operations Centre Manager

Business Role Type
Business Support Role
Business Support Departments
Security
Location
Cardiff
External Closing Date
07/02/2020
Ever wondered what life in Admiral is like?
Apply now

Description

The Security Operations Centre Manager has overall responsibility of ensuring quality response to security incidents across Admiral Group. This central coordination role is vital for supporting the secure business operations of Admiral Group. The successful person will have a passion for investigation, a thirst for knowledge, and enthusiasm to see an incident to closure. The successful candidate will project confidence and be prepared to coach team members in the ethos and practice of successful security operations. 

Main Responsibilities

The Security Operations Centre Manager will:

  • Implement the overall monitoring and response strategy.
  • Drive day-to-day operations and prioritise workload for the team. Represent the Security Incident Response Team, communicating the needs of the team and customer to improvement programmes.
  • Define requirements and improvements against current and future playbooks.
  • Improve the efficiency of the day-to-day duties of the monitoring and response teams by collecting metrics and evidence from current/past cases and refining telemetry and processes.
  • Manage a diverse stakeholder list of internal customers, senior leadership team members, partners and IT, Legal, Public Relations contacts to disseminate relevant information and actions.
  • Own the computer security incident response team charter authority, on behalf of the Head of Monitoring and Response, and conduct actions on that authority.
  • Define and refine the constituency that is under effective monitoring.
  • Project future capacity for log management, monitoring, analytics and hunting.
  • Organise regular tests to ensure order of operations integrity is maintained.
  • With appropriate authority, be able to call off incident response and cyber insurance retainers in support of rapid incident resolution.
  • Recruit and build capability across the team for Tier 1 triage, Tier 2 analysts, and Tier 3 analysts.

Experience Required

Relevant experience in security operations, incident management, response and security monitoring are required for this role.

The role would suit someone who has spent significant time understanding the changing threat landscape and the response options available to incident response teams. You will have proven experience in targeting hunting across the large enterprise.

You should have a working knowledge of one or more Security Information and Event Management solutions for gathering and processing log information.

You should have experience in handling live cyber incidents in a functioning security operations centre. The ability to work under pressure is a must, as is the ability to remain calm and focussed on the mission.

Excellent IT knowledge, that informs a wide array of containment options for typical kill chain events, is required. This would extend to include Windows, Linux, Mac Operating Systems, typical web applications, and relational database technologies.

You will have a familiarity with various cloud platforms such as Google Cloud platform, Amazon Web Services and Microsoft Azure.  Naturally this includes elements of Software as a service, Platform as a service and Infrastructure as a service.  Understanding the mechanisms of breach and countermeasures in this space would be of significant advantage.

The ability to communicate effectively, constructively, confidently and professionally is key to the success in the role. You will need to energise and coach analysts in the team to maintain focus during periods of extended analysis.

The need to question information that others would take on face value, and remaining inquisitive across the enterprise, will improve the likelihood of chasing down incidents to confident closure.

CEH/CISSP and a technical/computing degree preferred.

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidates experience. We are happy to see CVs from all candidates who meet the requirements, and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we're voted no. 1 in the 2019 Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accomodate flexible hours wherever possible.

You can also view some of our other key benefits here; https://admiraljobs.co.uk/employee-benefits/.

Please contact your Recruitment Officer, Valvanuz Guerrero, for more information.

#LI-LP1