Security Operations Manager, Speciality (Re)Insurance, London
£80,000 | Greater London | Permanent
Posted 7 days ago
Security Operations Manager, Speciality (Re)Insurance Group, City of London
A leading speciality insurance group based in the City of London, with international hubs in Europe, MENA, Latin America and Asia; protecting clients in over 200 countries; are recruiting a Security Operations Manager.
The Security Operations Manager will be responsible for overseeing the Security Operations team, as well as deputising for the Information Security Officer; with the potential to develop into this role.
The primary responsibilities in the role are:-
* Oversee the design and delivery of Security Operations (including SOC) strategy and operating model
* Lead and supervise the Security Operations team, including hiring, training, and managing both permanent and temporary staff
* Direct the investigation of any suspicious activities and/or security events from any sources to ensure they're contained, remediated, and reported as detailed within the organisation's Security Incident Response framework
* Manage and continually improve the integration, efficiency, and effectiveness of the organisation's 3rd party managed SOC solution
* Improve and regularly test the effectiveness of the Security Incident Response framework
* Develop, document and continually improve a formal threat intelligence program
* Deputise for the Information Security Officer
* Support the Information Security Officer by providing regular updates on key operational security metrics and emerging risk
* Oversee the implementation, management, and continual improvement of security technologies both on premise and in the cloud (e.g. SIEM solution, anti-virus, privileged access management, CASB, web and email filtering, SPF/DMARC, vulnerability and configuration scanning) and the processes that support them
* Where possible, integrate and harmonise disparate security technologies and processes to improve their overall efficiency and effectiveness (e.g. integrate A/V with ACS tech, evaluate and implement/extend cloud security tools)
* Develop, implement and maintain Security Operations controls and the key performance indicators (KPIs) that accurately measure compliance to them
* Act as the primary escalation point for any operational security issues reporting into the Information Security Officer
* Manage the lifecycle of internal and external audit and compliance findings related to operational security
They are looking to a hire an individual with the following profile, skills and experience:-
* At least five years' experience of of working in a Security Operations function - ideally including management experience
* Strong, proven experience managing a technical security incident response program
* Ideally experience of ISO 27001 or NIST Cybersecurity Framework
* Ideally knowledge and experience of infrastructure; and an understanding of the challenges within infrastructure
* Experience and ability to interact in writing and verbally - including presentations - with senior leaders at Board, Committee, Regulatory and Audit level
* It would be ideal if this individual came from an Insurance background or FS / PS / Regulatory organisation.
* Knowledge of the Lloyds market would be particularly beneficial
The following qualifications are desirable:-
* Incident Response - SANS GIAC Incident Response or similar
* Networking - CCNP or equivalent
* CLoud Secuirty - CCSP, CCSK, PCSM, CCSS, and/or any Cloud Secuirty certificate
* General Secuirty - CISSP, CISM
* Any SecOps related certifications, including secuirty vendor certifications
This is a permanent role that will be a blend of remote working and office based (one day a week in office pro rata once restrictions are lifted).
This organisation are looking to conduct interviews immediately and appoint the right individual to join January 2021 onwards (there is flexibility to take into account notice periods).
If you'd like to find out more about this opportunity please contact me urgently, in confidence. to find out more.
InterQuest Group is acting as an employment agency for this vacancy. InterQuest Group is an equal opportunities employer and we welcome applications from all suitably qualified persons regardless of age, disability, gender, religion/belief, race, marriage, civil partnership, pregnancy, maternity, sex or sexual orientation. Please make us aware if you require any reasonable adjustments throughout the recruitment process.