Job Description
Job Summary: Detection & Response Security Manager
Manage the execution of Security Operations Centre (SOC) capabilities, ensuring efficient and effective operation of detection, threat and incident response.
About the Role
As a Detection & Response Security Manager, you will collaborate with different people across a range of skillsets to manage the execution of Security Operations Centre (SOC) capabilities.
- Manage the execution of Security Operations Centre (SOC) capabilities, ensuring efficient and effective operation of detection, threat and incident response.
- Act as a key contact for Primark's outsourced SOC provider, managing stakeholders and serving as the first point of contact in the event of a potential security incident.
- Perform and coordinate threat hunting proactively to identify threats and assess the state of security controls; work with red teams to detect offensive operations, and capture and action findings.
- Triage events from a wide range of sources, including reports from employees, security systems, ethical hackers and threat intelligence data.
- Ensure detection, protection, response and recovery runbooks are up to date, complied with and, where possible, highly automated, with threat detection technology optimised.
- Ensure integration and onboarding of new security services within the monitoring and detection capability of the SOC.
- Conduct cyber security incident response tabletop exercises with various teams inside & outside the business that will be responsible for different response activities.
About You
We are looking for a skilled and experienced Detection & Response Security Manager to join our team. If you have a proven track record in cyber security and a passion for delivering exceptional results, we want to hear from you.
- 6+ years proven cyber security experience in a hybrid (on-prem & cloud-centric), fast-moving organisation.
- Demonstrated experience and in-depth knowledge of Cyber Security Operations, Incident Response and Investigations.
- Experience planning, prioritising and organising work in all required areas to meet requirements.
- An appropriate degree, equivalent qualification or experience.
- A recognised security certification is desirable, e.g. GIAC, CompTIA, Microsoft, CISM, CISA, CISSP or CRISC.