Role: Head of Security Operations
Locke & McCloud are seeking an experienced Security Operations professional on behalf of a global investment management firm. Incident response experience and a history of managing a Security Operations Centre is a prerequisite.
The security team operates across a robust environment and is looking for an individual who thrives in a fast-paced and ever-changing landscape.
Responsible for overseeing the daily operations of enterprise security systems, which encompass SIEM, SOAR, Elastic, ticketing, alerting, and messaging systems.
Supervise junior-level analysts in managing the day-to-day activities of enterprise security systems, including coordinating shift rotations and handovers.
Collaborate closely with Managed Security Providers (MSP) to uphold runbooks, escalation procedures, and integrate available threat intelligence.
Employ detective controls to formulate rules and alerts that enhance security monitoring.
Conduct proactive hunt activities across our log aggregation and SIEM platforms.
Propose, test, fine-tune, and implement correlation rules for SIEM and other tools.
Identify false positives in alerting, undertake incident response, triage, incident analysis, and remediation tasks.
Propose and create new SIEM use cases/rules in collaboration with engineering teams.
Maintain documentation for the Security Operations Centre (SOC) function, including a training program for new Security Operations staff.
Actively participate in Information Security Incident Response activities for the firm’s environment.
Uphold security policies and procedures by administering and monitoring relevant systems and events, and responding to client inquiries.
Manage threat and vulnerability management functions, including conducting vulnerability scans, analysing scan results, and assisting with remediation efforts.
Provide technical support to IT staff in detecting and resolving security issues.
• Experience with people management in a SOC.
• Hands-on experience with SIEM platforms.
• Log analysis and experience reviewing security events.
• Ability to manipulate data and produce relevant metrics and reporting around security incidents.
• Scripting and development skills.
• Able to prioritise in a challenging environment.
Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting opportunities in the cyber security market. If you are on the lookout for your next cyber security or information security role, please get in touch!