- Company Name
- Digital Science
- Job Title
- Security Operations Lead
- Job Description
-
**Job Title:** Security Operations Lead
**Role Summary:**
Leads and evolves the Security Operations function within the Group Information Security team, delivering technical security architecture, compliance, incident response, and risk management. Acts as the central coordinator for cyber security controls, SOC operations, and advisory services across the organization, reporting to the Deputy CISO.
**Expectations:**
- Build and maintain a robust security operations architecture aligned with strategic objectives.
- Ensure security policies, standards, and controls are effective, compliant, and consistently applied.
- Drive continuous improvement of detection, automation, and response capabilities.
- Provide expert consultancy to technology and business teams on reactive and proactive security matters.
- Maintain clear documentation and evidence for audits, assessments, and regulatory requirements.
**Key Responsibilities:**
- Define, design, and sustain comprehensive security operations architecture addressing current and emerging threats.
- Manage delivery of cyber security projects and coordinate business security initiatives.
- Lead monitoring, detection, and investigation of security events; enhance SIEM, SOAR, logging, and vulnerability management.
- Own incident response processes, coordinate stakeholder engagement, and oversee post‑incident remediation.
- Oversee internal and third‑party security testing (automated scans, penetration tests) and ensure remediation tracking.
- Enforce technical security policies, standards, and best practices across systems, applications, and cloud environments.
- Develop and report KPIs, SLAs, and dashboards on security performance (response times, false positives, remediation progress).
- Stay current with regulatory frameworks (e.g., ISO 27001, GDPR, PCI‑DSS, NIST, NCSC) and emerging threat landscapes.
- Produce security evidence and responses for internal and external auditors or regulators.
- Represent the organization in information security forums, councils, and community engagements.
**Required Skills:**
- Hands‑on experience with SIEM, SOAR, EDR/XDR, vulnerability scanners, DLP, firewalls, IDS/IPS.
- Strong knowledge of cloud platforms (e.g., AWS, Azure, GCP), virtualization, and logging infrastructures.
- Proficiency in alert tuning, noise reduction, log monitoring, and anomaly detection.
- Familiarity with MITRE ATT&CK, OWASP, and other security frameworks.
- Proven incident response and cyber‑security event management expertise.
- Ability to manage security projects and coordinate cross‑functional stakeholders.
- Experience developing security KPIs, SLAs, and performance dashboards.
- Up‑to‑date understanding of relevant regulations and standards (EU Cyber Resilience Act, EU AI Act, ISO 27001, GDPR, PCI‑DSS, NIST, NCSC).
- Excellent communication, documentation, and stakeholder engagement skills.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field (or equivalent practical experience).
- Relevant professional certifications preferred (e.g., CISSP, CISM, CISA, CEH, GSEC, or vendor‑specific certs for SIEM/EDR platforms).