Main characteristics
- Location
- Milton Keynes, Buckinghamshire
- Company
- Aztec Resources
- Employment type
- Permanent
- Category
- IT
Job summary
SecOps Manager required for my large and extremely busy client. The SecOps Manager reports to the Head of Information Security helping to drive the strategy, road map, and operational security capabilities of Information Security, which include the day-to-day management of the SecOps processes, direct reports and 3rd party managed SOC provider (MSP), to ensure an appropriate security posture is maintained at all times across with group.Some accountabilities of the role:
* Provide leadership and direction to the SecOps team, plus day-to-day task prioritisation, performance management, and development.
* Ensure effective monitoring and response capabilities including major incident response management, in relation to cybersecurity incidents and investigations in a timely manner.
* Check that vulnerability detection processes, technologies, and procedures are maintained to provide effective threat management.
* Maintain and improve the technical aspects of the vulnerability management program for Cloud, Websites, and on-premises infrastructure. Including the ability to report on compliance requirements such as PCI-DSS and Cyber Essentials
* Develop, enforce, and provide assurance for a comprehensive set of technical security controls.
* Support delivery of programs and projects across the group to ensure effective onboarding of information security controls.
* Liaise with the Governance Risk and Compliance team to ensure technical controls and monitoring requirements are maintained across the clients very large digital estate.
* Publish and maintain SecOps and incident reports for leadership and management on an ongoing basis, including KPIs that give clarity and enable us to hold teams to account across the organisation.
* Effectively manage vendors and managed service partners (MSPs), to ensure cost-effective delivery, continuous improvement, and SLAs are maintained.
* Maintain an effective continuous and ad hoc PEN testing program in addition to timely remediation of vulnerabilities in a risk-based manner