Senior Director of Security Operations
The Senior Director of Security Operations will direct and manage the client's security operations program, including the cyber security monitoring, incident response, threat intelligence, threat hunting and vulnerability management domains. The role will work directly with the CISO to continuously strengthen cyber resilience and properly address the client's evolving threat landscape throughout its rapid growth.
- Directing and managing the cyber security operations function, providing the right capabilities and resources to deliver effective 24/7 global operational security coverage and incident response across all environments
- Developing, mentoring and leading a high-performing staff of security operations experts
- Managing the development and maintenance of cyber incident management and response plans and procedures and ensuring the provision and 24/7 availability of appropriate cyber incident response and management resources
- Engaging with the Major Incident Management function to ensure that Information Security incidents are handled appropriately
- Steering the cyber defense vendor landscape, including MSSP / MDR for 1st line security operations
- Working within the legal constraints imposed by the jurisdictions in which the organisation operates, carrying out investigations into security incidents using all relevant sources of information. Assessing the need for digital forensic activity, and engaging specialist digital forensic services as required.
- Ensuring an effective threat & vulnerability management program is in place to identify and manage cyber threats and vulnerabilities to technology environments throughout their lifecycle
- Gathering and utilising threat intelligence to proactively defend against and respond appropriately to threats
- Managing the selection, configuration, operation and maintenance of cyber monitoring and vulnerability management technologies / tooling
- Directing the review of monitoring use cases to ensure that triggers and alerts are effectively implemented and managed
- Establishing and maintaining documented Security Operating Procedures in accordance with relevant security policies, requirements and standards
- Engaging with the Change Management process to ensure that vulnerabilities are remediated
- Recognising potential strategic application of new security technologies and techniques, investigating and developing innovative methods of protecting information assets, to the benefit of the organisation and exploiting opportunities to introduce more effective secure business and operational processes.
- Working with the CISO to develop and deliver against the global cyber security roadmap and objectives, developing budget projections and managing costs
- Promoting a strong security culture, driving security awareness, best practices and continual improvement across the business.
Key Skills Required
- Knowledge and understanding of the business and its mission
- In-depth security industry knowledge
- Strong technical awareness, including network, computer and cloud security knowledge and awareness of current security technologies
- Proven experience of managing security operations, with SIEM / SOC management skills
- Incident response / management skills and experience.
- Designing and implementing threat intelligence and vulnerability management programmes, including penetration testing and red/blue teaming
- Experience with common information security management frameworks, such as ISO 2700x, NIST Standards and Cyber Security Framework
- Strong leadership, communication and influencing skills, with personal gravitas and ability to effectively influence senior stakeholders
- Excellent organisation, time and project management skills, enabling self and others to deliver quality output at pace
- Familiarity with applicable legal and regulatory requirements
- First and foremost has a strong desire to understand the business and its mission, demonstrating a clear understanding and plan for monitoring and protection of its information assets
- Creates trust, can confidently act with discretion within the boundaries of regulatory and legal frameworks
- Someone who is tenacious in the pursuit of delighting our users. They strive for excellence in all they do and always look to improve our service and product
- Inquisitive and bold. They are prepared to challenge the norm
- Regularly seeks to turn ideas into action and injects creativity into every touch point. They question common practice to challenge the norm
- Has a positive, can-do attitude, prepared to take accountability and ownership for regional delivery
- Ability to absorb and analyse organisational-level data and information to identify strategic opportunities and risks, driving metric-driven outcomes
- Is ambitious whilst equally pragmatic and realistic; always seeks to optimise the balance of commensurate risk control and value
- Creative and innovative, forward and outward looking. They strive to stay in front of industry trends and best practices and are committed to continual learning and development.
- Is compassionate and caring towards others. They respect the views and ideas of others and create a supportive, collaborative, high performing team environment.
- 5+ years' experience managing a security operations function within a large, global organization
- 10+ years within the information security industry.
- Experience of working within cloud-based and agile development environments
- Experience of applying threat intelligence and vulnerability management methodologies
- Experience in steering 3rd party security operations vendors such as MSSPs and MDRs
- Relevant higher education and/or professional technical security qualifications (e.g. CISSP, Security+ / Network+, CCSP, SSCP, CSX-P)
- Penetration testing qualifications and experience
- Relevant degree or postgraduate degree
- Information security qualifications tailored to the healthcare industry (e.g. HCISPP)
- Relevant Data Protection / Privacy Management qualification
- Security management experience within the healthcare industry.