Description
My client requires a Security Service Delivery Manager to join their team. Must have strong knowledge/background in IT Security Environment and Operational Security Management within a Security Operations Centre.
Objectives
Produce and maintain service management documentation including service catalogue, service descriptions, service guides, contracts and Service Level Agreements (SLAs)
Produce and manage inputs and outputs from Service governance and ensure continuous improvement of the governance process
Provide mechanisms to communicate security services delivery including measurable Key Performance Indicators (KPIs) but also written/verbal communication inputs.
Provide central coordination and management of security technology software licenses, leveraging and utilising group license management processes and tools
Create and maintain security services and resources capacity plan required to meet current and future performance requirements (including identification of performance/capacity trends).
Provide options and mechanisms for continuous security service improvement across Group security operations teams
Define security service continuity and availability requirements and complete gap analysis against current capability, drive activity to address gaps
Support end to end service management including onboarding of new customers, transition from project to Business As Usual and change, request, incident management.
Main tasks
Security Service Development Management
Participate in service governance, creating inputs for the governance meetings in a timely manner and managing the outputs
Conduct security service communications based on defined plans and templates.
Define service metrics and KPIs to support efficient governance and communications internally and externally.
Create service documentation to cover current documentation gaps. Service documentation may include service guides, descriptions, service catalogue and more.
Create service contracts including SLAs in agreement with the operational teams and costing models.
Ensure documentation is reviewed regularly and kept up to date with latest changes and service improvements.
Define service continuity, resilience and availability requirements and supporting metrics eg Recovery Time Objective (RTO), Recovery Point Objective (RPO).
Perform gap analysis against defined continuity requirements and drive activities to address gaps.
Drive and deliver actions for service changes, requests and incidents.
Closure of the Project: follow up on criteria ensuring that project delivery is fit to handover to operations and support transition to BAU process
Onboard OpCos on security solutions conducting planning and coordination, implementing use cases into production and obtaining feedback from OpCos on the on-boarding process.
Security Service License Management
Conduct regular review of security software and technology licenses and validate usage as per vendor contracts and follow-up on anomalies. Address any licenses issues.
Identify and address any license issues including need for additional or reduction of licenses or the impact of change to the licenses. Conduct related activities for finance/budget cost allocation
Collaborate with Service Development Lead to co-relate license usage and Service finance/budget cost allocation.
Research and gather vendor licensing model information and provide support to Group procurement on contract negotiation and advice on suitable license models.
Service Capacity Management
Manage and maintain security services and resources capacity plan required to meet current and future performance requirements (including identification of performance/capacity trends).
Develop and maintain metrics to monitor performance and capacity of the security service metrics.
Develop a management information report to provide a weekly/monthly/quarterly trend on performance and capacity metrics and recommendations to improve service capacity.
Work with operational teams to help regularly generate and report on the performance and capacity metrics.
Skills Required
The service requires a strong expertise on IT Security environment.
Operational Security Management within SOC
- Secure operations management
- Secure operations & service Delivery
- Vulnerability assessment knowledge
Software user skills
- ITIL Service Management (incident management, change management, problem management, service request management, configuration management)
- Knowledge of security software market
Incident Management
- Incident management knowledge
Systems implementation securing skills
- Security architecture
- Secure system development
Information assurance methodologies and testing
- Information assurance methodologies
- Security testing
Information security management
- Governance
- Policy & standards
- Information security strategy
- Innovation & business improvement
- Information security awareness and basic training leading
- Legal & regulatory environment
- Third party management
Nice to have skills
Competencies Description
Information Risk Management
- Risk assessment
- Risk management
Incident Management
- Investigation
- Forensics
Audit, Assurance & Review
- Audit & Review understanding
Business Continuity Management
- Business continuity planning
- Business continuity management
Certifications
- Information security and/or Information Technology industry certification (CISSP, CISA, CISM, GIAC or equivalent)
- ITIL v3 certified to at least Foundation level
Business skills and competences
- Teamwork and leadership
- Delivering on time and on requirements
- Customer relationships management
- Change management
- Innovation management
- Analytical skills
- Decision making skills
- Cross communication management within various management levels
- Cross collaboration management with multiple entities
Experience
Computer Science and engineering background
4 years minimum experience as Service Delivery Managed
Expected Deliverable's
Security Service Management
Service Catalogue updates to reflect latest changes to the services or include additional elements
Service documentation creation and updates (eg service descriptions, service guides etc.)
Service contracts creation and maintenance for the security operations services including SLAs definition and costing model
Operational documentation updates for security operations as defined in the service management framework
Service governance templates updates, inputs creating for governance meetings (document and follow up on actions)
Security service continuity and availability requirements definition
Security metrics and KPIs definition and maintenance
Closure documentation
OpCos on-boarding on security solutions: planning and coordination, feedback
Service communications plan, templates and inputs for internal and external communications o Security Service License Management
Report on security software and technology licenses: usage as per vendor contracts and follow-up on anomalies.
Report on needs for additional or reduction of licenses
o Service Capacity Management
Report on capacity issues follow up.
Trends and recommendations for improvement
Mercator IT Solutions Ltd provides services as an Agency and an Employment Business
All candidates are subject to the requirements of the Baseline Personnel Security Standard and will be required to provide appropriate documentation to verify ID, nationality, employment and/or academic history and criminal record check (unspent convictions)