Security Operations Centre Manager

Employer: Close Brothers
Location: London - Crown Place

Salary: Competitive plus Discretionary Bonus and Benefits
Closing date: Friday 15 July 2016

The role holder will be a technical IT security professional with excellent hands-on skills, experienced in managing and operating a security operations centre (SOC) comprising a range of security systems and controls, all delivered to industry best practice for service and systems management (ITIL). The role holder will be a subject matter expert on security operations and lead a small team of analysts to provide the services required. They will have strong personal ethics and be able to operate to a high standard in a highly dynamic environment.

Key Responsibilities:

Operate the SOC in accordance with defined operational processes, procedures and guidelines, aligned to good practice for service management, problem and incident management, change management and configuration management (ITIL)

Manage the team of analysts day-to-day: organise and allocate work, manage rotas and shifts as required, monitor work processes and quality, measure operational performance, and recruit, coach and train

Ensure the SOC has the capability to monitor logs, alerts, security and change events, and does so, to identify suspicious events and incidents for investigation and escalation, including intrusion, malware infection, access violations, denial of service, social engineering, defacement and criminal activity

Provide 24/7/365 capability to respond to critical security events and incidents

Maintain current skills and knowledge as per the role of the SOC as part of an ongoing training and development programme
Recruit, train and employ high calibre employees within budget, headcount levels and temporary resource requirements

Coach, mentor, and develop staff, including overseeing new employee onboarding and providing career development planning and opportunities

Provide oversight and direction to employees in accordance with the firm's policies, procedures, standards and SLAs

Hold regular one-to-ones with direct reports ensuring that feedback is provided in a constructive way whilst working with the employee to facilitate personal development

Ensure that an effective performance review is operated in line with department guidelines, including setting objectives, personal development planning and performance standards with all direct reports

Develop a culture of performance management, improvement and appraisal as a foundation for excellent organisational performance

Manage all departmental HR issues including monitoring absenteeism, and managing any capability and disciplinary issues

Ensure that team members complete online training when required and are kept abreast of any internal communications

Service Delivery Management

Manage the security infrastructure comprising IDS/IPS, email/web filtering, deep packet inspection and all other security controls and systems operated by the Information Security team

Provide oversight of security controls operated by the Infrastructure and Operations team

Ensure that appropriate detective and protective controls are in place, configured, tuned, and kept operational

Monitor the SOC operational environment to ensure that it is operating effectively

Provide ongoing assurance and reporting that all SOC technical and procedural controls are operating effectively

Undertake formal periodic risk-based reviews of the security controls, build standards, operational controls, and adherence to policy, process and procedures

Provide 3rd line operational support for a number of user facing security controls within core business hours

Evaluate and assess the impact of changes to the security control and operational environment to ensure the SOC remains effective

Manage the day-to-day tactical operations of the SOC and lead the strategic development of it

Threat and Vulnerability Management

Provide ongoing assurance and reporting that all technical and procedural security controls are operating effectively

Maintain a holistic view of the threats and vulnerabilities presented to the business, internal, external, business partner and customers

Incident Management

Own cyber incident management for the Bank.

Ensure security logs and events are analysed, correlated from all necessary sources

Ensure timely responses to threats and incidents identified, using a risk-based approach

Ensure that management, triage, prioritisation and escalation of security incidents are in accordance with best practice incident management policies, processes and procedures

Act as the primary contact and initial escalation point for the SOC

Maintain strong relationships with parties who affect the security posture of the business and who are contacts or escalation points for incident handling
Act as the primary contact and representative for IT security on internal project and technical forums

Provide expertise on all facets of information security within information technology and the business as part of business-as-usual and within change programmes, either independently or embedded within a project te

Risk & Compliance

Ensure that all governance and compliance requirements are adhered to and that all reporting and reviewing activities required by the regulatory bodies are carried out to the standards required.

Skills & Experience:
Vulnerability and threat management

Incident management

Deep technical knowledge of network and application security controls operational in complex environments

Strong technical skills in the following technologies:

SIEM System operation and analytics

Intrusion Detection and Prevention

Load balancers, routers and switches

Wired and Wireless infrastructures

Email/Web filtering technologies

Virtualised environments / Cloud

Deep Packet Analysis Tools

Anti-malware systems / solutions

Strong network traffic and log analysis skills

Malware analysis skills

Computer Forensics

Experienced in the selection and implementation of appropriate information security controls

Good written and verbal communication skills

Process and Procedure writing
Line management experience

Strong Windows/Linux platform operating systems skills

Network and application vulnerability assessments and penetration testing

Scripting Experience

ITIL Service Management

Knowledgeable and experienced in compliance with information security standards such as ISO 27001 and PCI DSS

Knowledgeable about the legal and regulatory requirements for information security

Information security risk assessment

Undertaking business impact assessment

Education & Qualifications:

Security industry relevant certification: CISSP, CISM or equivalent certification.

Apply online