Employer: Close Brothers
Location: London - Crown Place
Salary: Competitive plus Discretionary Bonus and Benefits
Closing date: Friday 15 July 2016
The role holder will be a technical IT security professional with excellent hands-on skills, experienced in managing and operating a security operations centre (SOC) comprising a range of security systems and controls, all delivered to industry best practice for service and systems management (ITIL). The role holder will be a subject matter expert on security operations and lead a small team of analysts to provide the services required. They will have strong personal ethics and be able to operate to a high standard in a highly dynamic environment.
Key Responsibilities:
Management
Operate the SOC in accordance with defined operational processes, procedures and guidelines, aligned to good practice for service management, problem and incident management, change management and configuration management (ITIL)
Manage the team of analysts day-to-day, organise and allocate work, manage rotas and shifts as required, monitor work processes and quality, measure operational performance, recruit, coach and train
Ensure the SOC has the capability and undertakes monitoring of logs, alerts, security and change events to identify suspicious events and incidents for investigation and escalation, including intrusion, malware infection, access violations, denial of service, social engineering, defacement and criminals
Provide 24/7/365 capability to respond to critical security events and incidents
Maintain current skills and knowledge as per the role of the SOC as part of an ongoing training and development programme
People
Recruit, train and employ high calibre employees within budget, headcount levels and temporary resource requirements
Coach, mentor, and develop staff, including overseeing new employee onboarding and providing career development planning and opportunities
Provide oversight and direction to employees in accordance with the firm's policies, procedures, standards and SLAs
Hold regular one-to-ones with direct reports ensuring that feedback is provided in a constructive way whilst working with the employee to facilitate personal development
Ensure that an effective performance review is operated in line with department guidelines, including setting objectives, personal development planning and performance standards with all direct reports
Develop a culture of performance management, improvement and appraisal as a foundation for excellent organisational performance
Manage all departmental HR issues including monitoring absenteeism, and managing any capability and disciplinary issues
Ensure that team members complete online training when required and are kept abreast of any internal communications
Service Delivery Management
Manage the security infrastructure comprising IDS/IPS, email/web filtering, deep packet inspection and all other security controls and systems operated by the Information Security team
Provide oversight of security controls operated by the Infrastructure and Operations team
Ensure that appropriate detective and protective controls are in place, configured, tuned and kept operational
Monitor the SOC operational environment to ensure that it is operating effectively
Provide ongoing assurance and reporting that all SOC technical and procedural controls are operating effectively
Undertake formal periodic risk-based reviews of the security controls, build standards, operational controls, and adherence to policy, process and procedures
Provide 3rd line operational support for a number of user-facing security controls within core business hours
Evaluate and assess the impact of changes to the security control and operational environment to ensure the SOC remains effective
Manage the day-to-day tactical operations of the SOC and lead the strategic development of it
Threat and Vulnerability Management
Provide ongoing assurance and reporting that all technical and procedural security controls are operating effectively
Maintain a holistic view of the threats and vulnerabilities presented to the business, internal, external, business partner and customers
Incident Management
Own cyber incident management for the Bank.
Ensure security logs and events are analysed and correlated from all necessary sources
Ensure timely responses to threats and incidents identified, using a risk-based approach
Ensure management, triage, prioritisation and escalation of security incidents is in accordance with best practice incident management policies, processes and procedures
Act as the primary contact and initial escalation point for the SOC
Maintain strong relationships with parties who affect the security posture of the business and who are contacts or escalation points for incident handling
Consultancy
Act as the primary contact and representative for IT security on internal project and technical forums
Provide expertise on all facets of information security within information technology and the business as part of business-as-usual and within change programmes, either independently or embedded within a project te
Risk & Compliance
Ensure that all Governance and Compliance requirements are adhered to and all reporting and reviewing activities required by the Regulatory Bodies are carried out to the standards required.
Skills & Experience:
Essential
Vulnerability and threat management
Incident management
Deep technical knowledge of network and application security controls operational in complex environments
Strong Technical skills in the following technologies
SIEM System operation and analytics
Intrusion Detection and Prevention
Firewalls
Load balancers, routers and Switches
Wired and Wireless infrastructures
Email/Web filtering technologies
Virtualised environments / Cloud
Deep Packet Analysis Tools
Anti-Malware Systems / Solutions
Strong network traffic and log analysis skills
Malware analysis skills
Computer Forensics
Experienced in the selection and implementation of appropriate information security controls
Good written and verbal communication skills
Process and Procedure writing
Desired
Line management experience
Strong Windows/Linux platform operating systems skills
Network and Application Vulnerability Assessments and Penetration Testing
Scripting Experience
ITIL Service Management
Knowledgeable and experienced in compliance with Information Security standards such as ISO27001 & PCI-DSS.
Knowledgeable about the legal and regulatory requirements for information security
Information Security Risk Assessment
Undertaking Business Impact Assessment
Education & Qualifications:
Essential
Security Industry Relevant Certification
Preferred
CISSP, CISM or equivalent certification.