Security Operations Lead
UKCloud provides an unbeatable, secure UK public cloud. Focused solely on serving the UK Public Sector. We are committed to assurance and security while delivering flexible, agile and value-based cloud hosting to our customers.
· Doing the right thing. By delivering better services to citizens and better value for taxpayers, by reducing the time, costs, and risks of digital transformation.
· Accelerating digitalisation with local multi-cloud experts. Our award-winning customer support is here to help our customers throughout their journey with us.
· Harnessing multiple cloud services. To help organisations use multi-cloud to address existing and legacy IT as well as cloud native applications.
· Uncompromising safety and integrity. As we believe the UKs public services are a national asset that needs protecting and nurturing.
Formed in 2012, UKCloud is based in Farnborough (Hampshire) and Corsham (Wiltshire).
Purpose of Role:
As the Operations Lead – Security you will directly influence the maintenance and improvement of the company’s operational security posture with a focus on creating, refining, and enhancing operational processes and procedures that manage and protect live services across the organisation.
You will be directly responsible for setting appropriate objectives that align with the Practice Director – Operations and compliment the overall Security Strategy set by Service Director - Security and Networks ensuring that these are achieved by the Security Operations Team.
You will be required to interact and engage with key stakeholders across all practice and service families.
· Lead and mentor the Security Operations Team to deliver team goals and personal growth
· Provide oversight of the Security Operations Team performance both individually and as a collocative to the Practice Director – Operations
· Actively engages and maintains an excellent working relationship with our SOC partner e2e-assure, leading Service Management activities such as Ticket and Service Reviews
· Day-to-Day and ongoing reactive operations management for security vulnerability monitoring and response of the UKCloud platforms and services
· Lead the implementation of Security Operations related initiatives as part of Operations Improvement
· Responsible for the creation and upkeep of Security Operations Team procedures; to include incident response process and plans, protective monitoring service, Security tooling.
· Responsible for ensuring UKCloud fulfil their Vulnerability Management obligations to governing authorities and acts as the point of contact for UKCloud
· Enforce policies, processes and standards and procedures through monitoring and identifying anomalous activity and breaches of policy
· Ensure Operations deployment is executed against documented processes and procedures · As part of operations assurance ensure adherence to documented operations practices
· Contribute to the development and delivery of multi-year security strategies · Establish and maintain Security Incident response plan
· Establish and maintain Vulnerability Management program
· Excellent working ethic and personal leadership with the ability to work individually and as part of a team
· Strong understanding of IT Operations and/or best practice with the ability to clearly articulate to both technical and non-technical stakeholders
· Security Operations experience and/or Security certification such as CISMP, CISM, CISSP
· People management and teamwork development, enthusiastic to support the continual development of technical employees
· Excellent and clear communicator (written, verbal and visual) to internal and external stakeholders
· Affective resource planning with an ability to prioritise and deliver under pressure
· Technical acumen to assess and input towards technical scenarios and situations
· Ability to create and maintain good working relationships both internally and externally with all stakeholders at all levels of the business
· Provide Security related education and insite across the organisation and co-ordinate quizzes and training exercises such as phishing attacks
· Resilient and tenacious with a ‘can do’ approach
· Flexible and adaptable
Employees holding this position are required to achieve and maintain an appropriate security clearance, as detailed in the header of this job description, as a condition of employment with UKCloud Ltd.
UKCloud Ltd is an equal opportunities employer. Applications from individuals are encouraged regardless of age, disability, sex, gender, sexual orientation, race and religion.
Information Security Management System
This position is within the scope of the UKCloud Information Security Management System (ISMS), and the post holder is responsible for complying with applicable requirements of the UKCloud Information Security Policy, Information Security Manual, and all other information security policies, processes and documentation including UKCloud SyOPs (UKC-AAA-11).
Information Security: Asset/Control/Risk Ownership
This position may be responsible for the ownership of: · Information Assets or Supporting Assets · Control Objectives or Controls · Management of identified risks · Suppliers – specifically their information security responsibilities IT System Access Employees holding this position will automatically be provided with access to the systems and data that have been specified within the UKCloud IT System Access Matrix (UKC-GEN-46).