The Security Operations Centre Manager has overall responsibility for ensuring a quality response to security incidents across Admiral Group. This central coordination role is vital for supporting the secure business operations of Admiral Group. The successful person will have a passion for investigation, a thirst for knowledge and enthusiasm to see an incident to closure. The successful candidate will project confidence and be prepared to coach team members in the ethos and practice of successful security operations.
The Security Operations Centre Manager will:
* Implement the overall monitoring and response strategy.
* Drive day-to-day operations and prioritise workload for the team. Represent the Security Incident Response Team, communicating the needs of the team and customer to improvement programmes.
* Define requirements and improvements against current and future playbooks.
* Improve the efficiency of the day-to-day duties of the Monitoring and Response teams by collecting metrics and evidence from current/past cases and refining telemetry and processes.
* Manage a diverse stakeholder list of internal customers, senior leadership team members, partners and IT, Legal, Public Relations contacts to disseminate relevant information and actions.
* Own the computer security incident response team charter authority, on behalf of the Head of Monitoring and Response, and conduct actions on that authority.
* Define and refine the constituency that is under effective monitoring.
* Project future capacity for log management, monitoring, analytics & hunting.
* Organise regular tests to ensure order of operations integrity is maintained.
* With appropriate authority, be able to call off incident response and cyber insurance retainers in support of rapid incident resolution.
* Manage Red Team and Forensics activities as required.
* Recruit and build capability across the team for Tier 1 triage, Tier 2 analysts, incident managers and threat hunters.
Relevant experience in security operations, incident management, response and security monitoring is required for this role.
The role would suit someone who has spent significant time understanding the changing threat landscape and the response options available to incident response teams. They will have proven experience in targeted hunting across the large enterprise.
The candidate should have a working knowledge of one or more security information and event management solutions for gathering and processing log information.
The candidate should have experience in handling live cyber incidents in a functioning security operations centre. The ability to work under pressure is a must, as is the ability to remain calm and focussed on the mission.
Excellent IT knowledge that informs a wide array of containment options for typical kill chain events is required. This would extend to include Windows, Linux and Mac operating systems, typical web applications and relational database technologies.
The candidate will have a familiarity with various cloud platforms such as Google Cloud Platform, Amazon Web Services and Microsoft Azure. Naturally this includes elements of Software as a Service, Platform as a Service and Infrastructure as a Service. Understanding the mechanisms of breach and countermeasures in this space would be of significant advantage.
The ability to communicate effectively, constructively, confidently and professionally is key to success in the role. You will need to energise and coach analysts in the team to maintain focus during periods of extended analysis.
Questioning information that others would take at face value, and remaining inquisitive across the enterprise, will improve the likelihood of chasing down incidents to confident closure.
CEH/CISSP and a technical/computing degree preferred.
We're Wales’ only FTSE 100 company with forward-thinking approaches and endless opportunities to test, learn and grow. There's a reason we've been named a best place to work: our progressive culture, core values, and commitment to diversity and inclusion have created a working environment where people share ideas, aren’t afraid to speak up and change things, and above all, feel valued.
Based on innovation and organic growth, Admiral has grown from being a small start-up into one of the largest car insurance providers in the UK. The company is constantly investigating new products, services and markets and is now in seven countries with a diverse product portfolio.
Admiral’s success goes hand-in-hand with having a strong people-focussed culture. We believe that happy people make happy customers and happy customers help increase profits. Our philosophy is a simple yet effective one: people who enjoy what they do, do it better.
We truly care about our customers; they are at the heart of every decision we make. We’re very proud of the innovative products we offer and the level of service we provide. Everything we do acknowledges the needs of our customers and by recruiting the right people, we can continue to provide great service and ensure an excellent experience for our customers.
Admiral people work hard to keep us at the top of our industry, and are rewarded for it—with competitive pay, great benefits, a share package based on company performance, work-life balance opportunities, nearby fitness and health centres, and other special perks.
The Recruitment Officers looking after this role are Jessica Sutton (Jessica.SUTTON2@admiralgroup.co.uk) and Luke Tooze (Luke.TOOZE2@admiralgroup.co.uk). If you’d like to know any more information about the position, please feel free to drop them an email or give them a call on the Recruitment line.