Security Operations Manager (SOC)

Technical Delivery

• To provide high quality IT Security guidance documentation and training in conjunction with the CISO to the internal technology teams (Internal IT, Operations, Application Development).
• Carry out technical vulnerability assessments of IT systems and processes, identifying potential vulnerabilities to Platform(s) and Corporate systems and processes, making recommendations to the technology management and the CISO to minimise risks identified.
• To liaise with external security agencies where required and ensure that any information requested is provided on a timely and secure basis.
• Contribution to the architectural functions in each team to ensure that privacy and security by designs are created with final compliance as a goal.
• Responsible for ensuring any new vulnerabilities are resolved/mitigated in line with risk based prioritisation (business and technical).

Business-wide Impact

• Lead and act as a strategic and tactical partner in the operational and technical development of the SOC (Security Operations Centre).
• Liaise with other key functions with in the business as required. These include; CTO, CIO, CISO, Operations, Infrastructure Services, Support, Sales & Procurement.
• Establish and maintain excellent relationships with all other technology groups.
• Initiate review and suggest improvements to the products (through Product Management) and services provided.
• To respond rapidly and effectively to IT security incidents, managing them in a professional manor, reporting to the CISO.
• Assist in performing computer forensics for evidence gathering and preservation.
• To contribute to the IT risk register and carry out assigned actions to mitigate risks identified
• To keep up to date with security trends, threats and control measures

SOC Team Management

• Manage and lead the SOC team on a daily basis to meet and exceed customer contractual obligations.
• Provide leadership, guidance and mentoring to IT staff within the SOC team and across the wider technology group.
• Motivate immediate team on a daily basis to deliver across their key areas of responsibility.
• Respond to and assist team members to resolve escalations or find assistance for technical questions.
• Ensure the team are trained in processes and procedures, fully documenting and maintaining processes for reference, training and audit purposes.
• Identify training needs across the team and design/source training that will meet these requirements.
• Invest in the personal development of the team, continuously improving their soft skills, customer service, technical skills and problem solving. Proactively address areas of poor performance with the team and support them to improve.
• Motivate, coach and develop the team on a daily basis. Give regular constructive feedback and recognise good behaviour/performance.
• Provide weekly reports/updates on team activity, project progress etc. as required.

Effectively manage and monitor resource levels, and deciding on task priorities for team members.

Certifications, Compliance and Investigation

• Participate and take an active role in investigations as required.
• Provide input into the CISO’s Risk Committee to ensure IT Security is included in risk and compliance reports.
• Design and implement systems/process that meet agreed security requirements. Documenting the process and procedures wherever necessary as part of the PCI and ISO27001 requirements and to ensure a knowledge base is created and maintained.
• Participate and take an active role for Business Continuity planning across the global businesses.
• Act as the IT Security escalation point within the business for all Technology Security operational issues.

Manage security incidents and events to protect Corporate information technology (IT) assets, intellectual property, fixed assets, and Redwood’s reputation working alongside the CISO