Information Security, Operations Manager, Incident Response, Threat, OSCP, Crest, CISSP

Oxfordshire - Onsite
This project has been archived and is not accepting more applications.

Description

An Information Security Operations Manager (Mid Level) is required to work on a 7-month contract in Oxfordshire. The Information Security Operations Manager will be working with the Head of Information Security Operations and stakeholders from run and change teams to execute and improve prevention, detection and response capabilities. The Information Security Operations Manager will have 5+ years' commercial experience and will meet the following criteria:

As Information Security Operations Manager, your main responsibilities would be:
Engaging with the Cyber Security and Resilience Programme (CSRP) to operationally integrate and deliver security prevention, monitoring, breach detection and incident response capabilities.
Reviewing technical solutions (security and business) to identify risks and opportunities for improvement, and communicating these in risk and control terms.
Collating, interpreting and disseminating operational Cyber Threat Intelligence to stakeholder areas, with advice and action on appropriate responses.
Supporting delivery of tooling, training, exercising (including Tabletop Exercises) and Security Incident Response capabilities etc.
There will be a number of main areas of work that you will be expected to be experienced in:
Prevention
Warning Signs and Preparations
Supporting Security by Design
Incident Detection and Response
Incident Recovery and Investigation
Resilience

Experience Required:
Demonstrable depth in several of the areas below, and breadth across the range with a desire to grow:
Experience in running and enhancing cyber security operations tasks, including vulnerability management, penetration test management, technical design review, Cyber Threat Intelligence, and investigation of and response to security events and incidents.
Experience of responding to events and incidents from a SIEM/SOC capability in terms of triage, investigation, and response.
Skills and experience to competently manage and investigate information security incidents.
Exposure to working in environments with local and central SOC capabilities and with Digital Forensics & Incident Response providers is valued.
Able to consume, request, produce and apply Cyber Threat Intelligence from service providers and OSINT tooling within a structured approach.
Familiarity with vulnerability scanning, threat intelligence, attack surface, automated penetration testing and malware investigation tooling is desirable.
Ability to lead and facilitate Threat Modelling with a range of technical and non-technical stakeholders; practical use of MITRE ATT&CK, STRIDE and other Threat Modelling frameworks, tools and techniques desirable.
Knowledge of cyber control frameworks, guidance and norms (e.g. NIST Cyber Security Framework, NCSC Guidance).
You will also have these Qualifications/Skills:
Qualification or equivalent experience for operational security, e.g. OSCP, Crest, SANS or CISSP/CISM + technical expertise. Would accept demonstrable hands-on skills, vendor qualifications for relevant tooling.
Membership in a relevant professional body, e.g. Member of the Chartered Institute of Information Security (MCIIS) or Member of the British Computer Society, is desirable.

Start date: ASAP
Duration: 7 months
From: Nexere Consulting Limited
Published at: 28.07.2021
Project ID: 2172423
Contract type: Freelance