Negotiable
Inside
Undetermined
Basingstoke
Summary: The Director of Security Operations will lead the security operations team for a global telecommunications client, focusing on incident management, proactive security monitoring, and threat hunting. The role requires strong technical expertise in Splunk and experience with Managed Security Service Providers (MSSPs). The successful candidate will drive strategic planning and continuous improvement in security processes while managing complex cybersecurity incidents. Leadership in people management and collaboration with various stakeholders is essential for enhancing security governance and risk management policies.
Key Responsibilities:
- Lead day-to-day operations of Proactive Analysis, Security Tooling, and CERT teams.
- Manage the implementation of strategic planning aligned with the company strategy and Security Roadmap.
- Drive a multi-year strategy for continuous processes and technology improvement.
- Provide leadership and guidance in the collection and review of artifacts related to investigations.
- Collaborate with various stakeholders to ensure consistency and effectiveness of Security Operations activities.
- Identify security monitoring and process gaps and work to expand visibility.
- Work with Security engineering and architecture teams to innovate in cyber threat prevention and identification.
- Oversee all people management facets including recruiting, hiring, and performance management.
- Manage relationships with 3rd Party Managed Service providers supporting Security Operations.
Key Skills:
- 5+ years of experience in incident response or penetration testing.
- 3+ years of leadership experience in a Managed Security Operations Centre.
- 2+ years of security solution design and architecture experience.
- Detailed understanding of the MITRE ATT&CK and D3FEND frameworks.
- Understanding of attacks impacting cloud-native environments (OCI, GCP, AWS, Azure).
- Ability to lead and guide teams in critical thinking.
- Excellent interpersonal skills and customer-centric perspective.
- Experience with network flow data/tools and log analysis.
- Understanding of best practices and regulatory requirements in cybersecurity.
- Strong management skills for developing and mentoring others.
- Experience in large or federated enterprises, preferably in the Telecoms industry.
Salary (Rate): undetermined
City: Basingstoke
Country: undetermined
Working Arrangements: undetermined
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Your new company
A global telecommunications client is looking for a Director of Security Operations with a strong technical background to join the wider team.
You must have experience of utilising Splunk, working with internal / external MSSPs and also strong Incident Response / Management experience. This role is for someone who has strong experience of working as a SOC Lead / Head of SOC.
Your new role
This role is accountable for the key security operations areas, including, but not limited to, Incident Management, Incident Response, Proactive Security Monitoring, Threat Hunting, Security Incident Analytics, Incident Trend Analysis and Reporting.
You will be responsible for using analytics to provide insight to other security leaders in order to enhance policies and processes related to Risk Management, Security Program Management, and Security Governance. All this whilst keeping in mind the strategic intent to ultimately provide these services to our B2B markets. (MSP experience is desirable)
- Lead day-to-day operations of Proactive Analysis, Security Tooling and CERT teams, including oversight and direction of complex cybersecurity incidents and investigations
- Manage the implementation of the strategic planning in line with the overall company strategy and Security Roadmap to provide future-proofed service delivery
- Drive a multi-year strategy for continuous processes and technology improvement
- Provide leadership and guidance in assisting IT and security personnel in the collection and review of artifacts relating to investigations
- Collaborate with retain markers, joint ventures, third parties, business process owners and other partners to ensure consistency and effectiveness of Security Operations activities
- Proactively identify security monitoring and process gaps and work with colleagues to expand visibility in identified areas
- Work with Security engineering and Security architecture teams to seek new and innovative approaches to prevent and identify cyber threats using endpoint, network and cloud security solutions and emerging security technologies
- Lead all people management facets, including recruiting, hiring and performance management
- Effective management of 3rd Party Managed Service provider supporting Security Operations
What you'll need to succeed
- 5+ years of experience in incident response or penetration testing with proven experience handling cyber threats from external and internal sources
- 3+ years of leadership experience in a Managed Security Operations Centre or similar incident command organisation or reporting structure
- 2+ years of security solution design and security architecture experience; working as a security architect with business stakeholders
- Detailed understanding of the MITRE ATT&CK and D3FEND frameworks and the Cyber Kill Chain
- Detailed understanding of leveraging Cyber Threat Intelligence in support of a Managed Security Service organisation
- An understanding of attacks impacting a cloud-native environment (OCI, GCP, AWS and Azure)
- Ability to lead people to think critically by guiding them without doing the work for them
- A demonstrated ability to speak with people with varying knowledge of cybersecurity concepts
- Excellent interpersonal skills and ability to see things through the “customer’s” eyes
- Experience with network flow data/tools and analysing high volumes of logs and related sources to support incident investigations
- Ability to describe cyber risk from an operating perspective to provide consulting guidance and build relationships
- Understanding of best practices, control frameworks, and applicable legal and regulatory requirements, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc.
- Demonstrable strong management skills, including the ability to develop, mentor and coach others
- Experience of working in large or federated enterprises, preferably in the Telecoms industry and operating as a Managed Services Provider
What you'll get in return
Flexible working options are available.
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.