Security Operations and Response Lead Full Time

McCabe & Barton

What you’ll do

This role will lead the build-out of the company’s security operations capability before the launch of its product at the end of 2022. the role requires technical knowledge of typical corporate IT systems, cloud-native services, and monitoring architectures though you will be expected to also contribute to the general security architecture and management of the company’s security while this is being established. You will run all operational activities with regard to monitoring and response by selecting an MSSP SOC provider for us and ensuring that the organisation is adequately covered and the MSSP provider is integrated and performing as expected.

When established with a to be chosen provider the Security Operations and Response function will provide oversight/escalation of the security monitoring, incident response, and threat analysis for the firm. The function is responsible for managing the daily activities of system event logging, IDS monitoring, data leakage prevention, and incident triage, response, and analysis. They also provide support for security investigations and incident management. They ensure continuous monitoring, detection, and response to security incidents and help improve the security posture of the firm by sharing lessons learned from responding to incidents.

What you’ll need

• A strong sense of ownership. Our teams create high-quality work on quick timelines. Owning a problem doesn’t scare you, but rather empowers you to take 100% responsibility for achieving our mission
• Demonstrable experience in security monitoring and response and ability to run selection processes of an MSSP and other vendors.
• Proven experience operating or supervising a SOC function either at a vendor or within a corporation.
• Management or operations of a SOC in typical corporate systems and cloud-native applications.
• Experience of working under pressure and demonstrable experience of security incident management.
• Experience in running or commissioning Crisis Management scenarios and tabletop exercises with senior managers to prepare response capabilities
• Experience in managing and escalating issues and risks as they develop in clear and understandable ways to senior stakeholders.
• Holder of recognized, current security certificate (eg CISSP/CISM)
• Solid understanding of regulatory and compliance requirements, including security frameworks such as NIST CSF, ISO 27001 and GDPR
• Experience working in regulated environments/banking
• Ability to perform or commission assessments; identify security threats and vulnerabilities across the corporate enterprise; implement controls; provide reporting and analysis to appropriate teams
• Comfortable communicating across all levels of an organization.
• Excellent command of spoken and written English.
• Experience within the Financial Services Industry and/or Private Equity desirable
• Experience in payments systems and/or sanctions screening desirable
• At least 10 years of experience working as an IT professional on the corporate side with at least 5 years of that experience in IT Security. Ideally in a regulated financial organization

Characteristics

• Strong leadership, facilitation, and communication skills
• Pro-active issue and risk management approach
• Expert problem management and solution orientated
• Flexibility able to adapt to rapidly changing situations
• Able to balance apparent conflicting priorities and conflict to find simple solutions
• Resilient, able to provide positive clear direction in high-stress situations, inspiring others
• Attention to detail
• Strong stakeholder management and relationship-building skills
• Tenacious, delivery focused and results-driven
• Interest in working in a fast-paced and future-oriented multicultural environment
• Willingness to work outside of normal business hours, and as unique projects/needs arise
• Willingness to travel to delivery partner sites

Conditions

• 6-month Inside IR35 contract with the option to extend or transfer to perm
• Competitive rate
• Hybrid working model- 2 days on-site in the City of London