Costello & Reyes Group has been engaged by our client, an Information Management firm to identify a Head of Security Operations with a strong background in cyber security. The engagement is for an initial 9 months Whilst a permanent replacement is identified and engaged.

Job Introduction

A challenging and rewarding role for an experienced senior professional who can manage and mitigate risks related to information and cyber security across the organisation and its third parties.

The Head of Information Security Operations is responsible for leading and managing the Security Operations Centre (SOC), a team of cyber analysts and the Business as Usual (BAU) Security Operations functions. The role involves overseeing the detection, analysis, response and reporting of cyber incidents, ensuring compliance with security policies and standards, and providing strategic guidance and direction for the continuous improvement of the security operations capabilities.

Main Responsibilities

Investigate irregularities and non-compliance issues. Manage the day-to-day operations of the SOC, ensuring the timely and effective delivery of security monitoring, incident response, threat intelligence and vulnerability management services. Lead and develop a team of cyber analysts, providing coaching, mentoring, performance management and career development opportunities. Establish and maintain strong relationships with internal and external stakeholders, including senior management, business units, IT teams, vendors, regulators and law enforcement agencies. Develop and implement security operations policies, procedures, standards and best practices, ensuring alignment with the organisation's security strategy, risk appetite and regulatory requirements. Monitor and report on the security operations performance, metrics, KPIs and SLAs, identifying and addressing any gaps, issues or areas for improvement. Provide strategic direction and oversight for the security operations projects and initiatives, ensuring alignment with the organisation's objectives, priorities and budget. Stay abreast of the latest cyber threats, trends, technologies and solutions, and provide recommendations for enhancing the security operations capabilities and resilience.

Person Specification

A minimum of 10 years of experience in information security, with at least 5 years in a senior security operations role. A bachelor's degree in computer science, information security, cyber security or a related field, or equivalent work experience. A recognised security certification, such as CISSP, CISM, CISA, GCIH, GCIA, CEH or equivalent. Proven experience in leading and managing a SOC and a team of cyber analysts, preferably in a large and complex organisation. Expert knowledge of security operations processes, tools and technologies, such as SIEM, SOAR, EDR, XDR NDR, threat intelligence, vulnerability management, forensics and malware analysis. Strong understanding of security frameworks, standards and regulations, such as ISO 27001, NIST, CIS, PCI DSS, GDPR and others. Excellent communication, presentation, negotiation and influencing skills, with the ability to communicate complex technical issues to non-technical audiences. Excellent analytical, problem-solving, and decision-making skills, and the ability to identify and quantify information and cyber security risks and their impacts. Able to delve into granular levels of detail. Ability to analyse and interpret information quickly. Proven ability to work in collaboration with people and teams of different levels. Experience with stakeholder management. Sound business and technical acumen. Focused and versatile team player who is comfortable under pressure. Excellent problem-solving, pragmatic, and critical-thinking skills. Ability to communicate at all levels with clarity and precision, both written and verbally Good presentation skills Able to manage multiple projects with competing priorities and deadlines. High level of integrity, professionalism, and confidentiality, and the ability to handle sensitive information and cyber security matters with discretion.

Preferred Experience

Ability to demonstrate working with a medium to large technology enterprise. Experience in cyber security technology, financial, and business systems. Excellent communication, presentation, and interpersonal skills, and the ability to communicate complex information and cyber security concepts and issues to various audiences. Excellent project management, organisational, and time management skills, and the ability to manage multiple tasks and priorities in a fast-paced environment. Strong analytical and problem-solving skills, and the ability to interpret data and metrics related to cyber risk. Awareness of current and emerging cyber threats and trends affecting third parties and organisations.

Should you be interested in the above position, please feel free to submit your CV and call for further information.

Costello & Reyes Group Limited is one of the UK's leading providers of recruitment advice and services and acts as a recruiter on behalf of our client.