Leads the Security Operations Centre (SOC) function and provides support to the CISO on technical security. Proposes and advocates on technical security strategies and implements policies and processes in support of internal IT systems, private cloud and public cloud usage. Drives the technical functions within the business to protect customer and business data/systems at all times. This is a highly technical role working within the CISO function which manages information security, certifications, compliance and quality. Degree qualified, and with Industry Certifications.
Build, Develop & Maintain SOC function
Build a team, policies, technologies and processes to develop a world-class security function.
Leads on all technical aspects of IT security for the commercial operations and internal systems.
Selection, implementation, maintenance and use of security tools to provide relevant management information and provide protection.
Responsibility for the security incident response process ensuring that this process is annually tested, and iteratively improved.
Key Responsibilities
Technical Delivery
To provide high quality IT Security guidance documentation and training in conjunction with the CISO to the internal technology teams (Internal IT, Operations, Application Development).
Carry out technical vulnerability assessments of IT systems and processes, identifying potential vulnerabilities to Platform(s) and Corporate systems and processes, making recommendations to the technology management and the CISO to minimise risks identified.
To liaise with external security agencies where required and ensure that any information requested is provided on a timely and secure basis.
Contribute to the architectural functions in each team to ensure that privacy and security are built in by design, with final compliance as a goal.
Responsible for ensuring any new vulnerabilities are resolved/mitigated in line with risk-based prioritisation (business and technical).
Business-wide Impact
Lead and act as a strategic and tactical partner in the operational and technical development of the SOC (Security Operations Centre).
Liaise with other key functions within the business as required. These include: CTO, CIO, CISO, Operations, Infrastructure Services, Support, Sales & Procurement.
Establish and maintain excellent relationships with all other technology groups.
Initiate reviews of, and suggest improvements to, the products (through Product Management) and services provided.
To respond rapidly and effectively to IT security incidents, managing them in a professional manner, reporting to the CISO.
Assist in performing computer forensics for evidence gathering and preservation.
To contribute to the IT risk register and carry out assigned actions to mitigate risks identified.
To keep up to date with security trends, threats and control measures.
SOC Team Management
Manage and lead the SOC team on a daily basis to meet and exceed customer contractual obligations.
Provide leadership, guidance and mentoring to IT staff within the SOC team and across the wider technology group.
Motivate immediate team on a daily basis to deliver across their key areas of responsibility.
Respond to and assist team members to resolve escalations or find assistance for technical questions.
Ensure the team are trained in processes and procedures, fully documenting and maintaining processes for reference, training and audit purposes.
Identify training needs across the team and design/source training that will meet these requirements.
Invest in the personal development of the team, continuously improving their soft skills, customer service, technical skills and problem solving. Proactively address areas of poor performance with the team and support them to improve.
Motivate, coach and develop the team on a daily basis. Give regular constructive feedback and recognise good behaviour/performance.
Provide weekly reports/updates on team activity, project progress etc. as required.
Effectively manage and monitor resource levels, and decide on task priorities for team members.
Certifications, Compliance and Investigation
Participate and take an active role in investigations as required.
Provide input into the CISO’s Risk Committee to ensure IT Security is included in risk and compliance reports.
Design and implement systems/processes that meet agreed security requirements, documenting the processes and procedures wherever necessary as part of the PCI and ISO27001 requirements and to ensure a knowledge base is created and maintained.
Participate and take an active role in Business Continuity planning across the global businesses.
Act as the IT Security escalation point within the business for all Technology Security operational issues.
Manage security incidents and events to protect Corporate information technology (IT) assets, intellectual property, fixed assets, and Redwood’s reputation working alongside the CISO.