Director of Security Operations - Splunk, MSSP, IR and IM

Posted 2 weeks ago by Hays

£1,000 Per day
Inside
Hybrid
Basingstoke, England, United Kingdom

Summary: The Director of Security Operations will lead security operations for a Global Telecommunications client, focusing on incident management, response, and proactive security monitoring. The role requires strong technical expertise in Splunk and experience with MSSPs, along with a proven track record in managing cybersecurity incidents. The position mandates a commitment to three days onsite near Basingstoke, ensuring effective collaboration and oversight of security operations. The successful candidate will drive strategic planning and continuous improvement in security processes and technology.

Key Responsibilities:

  • Lead day-to-day operations of Proactive Analysis, Security Tooling, and CERT teams.
  • Manage the implementation of strategic planning aligned with company strategy and Security Roadmap.
  • Drive a multi-year strategy for continuous processes and technology improvement.
  • Provide leadership and guidance in investigations and artifact collection.
  • Collaborate with various stakeholders to ensure effective Security Operations activities.
  • Identify security monitoring and process gaps and expand visibility.
  • Work with Security engineering and architecture teams to innovate cyber threat prevention and identification.
  • Oversee people management facets including recruiting and performance management.
  • Manage third-party Managed Service providers supporting Security Operations.

Key Skills:

  • 5+ years of experience in incident response or penetration testing.
  • 3+ years of leadership experience in a Managed Security Operations Centre.
  • 2+ years of security solution design and architecture experience.
  • Detailed understanding of the MITRE ATT&CK and D3FEND Framework.
  • Knowledge of Cyber Threat Intelligence in Managed Security Services.
  • Understanding of cloud-native environment attacks (OCI, GCP, AWS, Azure).
  • Excellent interpersonal skills and ability to communicate cybersecurity concepts.
  • Experience with network flow data/tools and log analysis.
  • Strong management skills for developing and mentoring others.
  • Experience in large or federated enterprises, preferably in Telecoms.

Salary (Rate): £1,000.00/daily

City: Basingstoke

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: Senior

Industry: IT

Detailed Description From Employer:

Your new company:

A Global Telecommunications client is looking for a Director of Security Operations with a strong technical background to join the wider team. You must have experience of utilising Splunk, working with internal / external MSSPs and also strong Incident Response / Management experience. This role is for someone who has strong experience of working as a SOC Lead / Head of SOC. The client would like 3 days onsite near Basingstoke, and you must be able to commit to the 3 days onsite requirement.

Your new role:

This role is accountable for the key security operations areas, including, but not limited to, Incident Management, Incident Response, Proactive Security Monitoring, Threat Hunting, Security Incident Analytics, Incident Trend Analysis and Reporting. You will be responsible for using analytics to provide insight to other security leaders in order to enhance policies and processes related to Risk Management, Security Program Management, and Security Governance. All this whilst keeping in mind the strategic intent to ultimately provide these services to our B2B markets. (MSP experience is desirable)

  • Lead day-to-day operations of Proactive Analysis, Security Tooling and CERT teams, including oversight and direction of complex cybersecurity incidents and investigations
  • Manage the implementation of the strategic planning in line with the overall company strategy and Security Roadmap to provide future-proofed service delivery
  • Drive a multi-year strategy for continuous processes and technology improvement
  • Provide leadership and guidance in assisting IT and security personnel in the collection and review of artifacts relating to investigations
  • Collaborate with retain markers, joint ventures, third parties, business process owners and other partners to ensure consistency and effectiveness of Security Operations activities
  • Proactively identify security monitoring and process gaps and work with colleagues to expand visibility in identified areas
  • Work with Security engineering and Security architecture teams to seek new and innovative approaches to prevent and identify cyber threats using endpoint, network and cloud security solutions and emerging security technologies
  • Lead all people management facets including recruiting, hiring, performance management
  • Effective management of 3rd Party Managed Service provider supporting Security Operations

What you'll need to succeed:

  • 5+ years of experience in incident response or penetration testing with proven experience handling cyber threats from external and internal sources
  • 3+ years of leadership experience in a Managed Security Operations Centre or similar incident command organisation or reporting structure
  • 2+ years of security solution design and security architecture experience; working as a security architect with business stakeholders
  • Detailed understanding of the MITRE ATT&CK and D3FEND Framework and the Cyber Kill Chain
  • Detailed understanding of leveraging Cyber Threat Intelligence in support of a Managed Security Service organisation
  • An understanding of attacks impacting a cloud-native environment (OCI, GCP, AWS and Azure)
  • Ability to lead people to think critically by guiding them without doing the work for them
  • Possess a demonstrated ability to speak with people with varying knowledge of Cybersecurity concepts
  • Excellent interpersonal skills and ability to see things through the "customer's" eyes
  • Experience with network flow data/tools and analysing high volumes of logs and related sources to support incident investigations
  • Ability to describe cyber risk from an operating perspective to provide consulting guidance and build relationships
  • Understanding the best practices, control frameworks, and applicable legal and regulatory requirements, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc.
  • Demonstrable strong management skills, including the ability to develop, mentor and coach others
  • Experience of working in large or federated enterprises, preferably in the Telecoms industry and operating as a Managed Services Provider

What you'll get in return:

Flexible working options are available.

What you need to do now:

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk