Marks And Spencer Jobs – InfoSec Operations Centre Manager in Stoke-on-Trent, UK

Overview

Position Title:InfoSec Operations Centre Manager

Company:Marks and Spencer

Location:Stoke-on-Trent, UK

Job Description:

The role’s purpose is to support the InfoSec Operations Manager, to both manage and own the M&S Global Security Operations Centre. Providing oversight of M&S colleagues and Managed Security Service Provider as per the key accountabilities and responsibilities. Also, to drive improvements in all products and services provided by the Security Operations Centre with main focus on ‘Detection and Response’ to security events.

Responsibilities:

• The Information Security Operations Centre team provides a multi located service that covers event management, incident response, investigations and forensics, threat hunting and security monitoring.
• Protect company and its customers from materially impactful events to its Business, Brand and Customer e.g. catastrophic events, significant financial losses, and highly embarrassing events.
• Operationalise effective Information Security Operation Centre Services and controls to protect core business processes and customer data i.e. (Identify, Detect, Protect, Respond and Recovery controls.
• Identify and respond to threats: Incorporating industry intelligence to enable proactive threat detection, containment, and response.
• Work with the SOC Leads and Service Delivery Managers to deliver activities within the continuous programme of Information
• Security Operations Centre improvement relating to Information Security monitoring and incident response for application, infrastructure, and all critical services.
• Lead and maintain Information Security tooling owned and operated by the Security Operations Centre.
• Lead Cloud Information Security specific subscriptions
• Chair daily, operations Stand-Up calls, maintain actions and raise any issues.
• Report and Maintain Key Risk, Performance and Success Indicators for the team.
• Act as a liaison between industry peers, government agencies (including law enforcement) and other specialists.

Requirements:

• Strong management and influencing skills
• Strong verbal and written communication skills are crucial to success in this role
• Proficiency in preparation of reports, dashboards, and documentation
• Ability to work well in a diverse team
• Methodical and principled work approach
• Good problem-solving analytical skills
• Good interpersonal skills
• Experience of Security Incident Management and Response, including within a DevSecOps operating model
• Knowledge and demonstrable experience of Information security technologies and methodologies
• Security event log collection and analysis
• Experience of vulnerability and threat assessment
• Experience of Intrusion detection and prevention systems
• Experience of Web-based application security
• Experience of Cloud systems and their Architecture (Azure, AWS)
• Experience of working in a 24/7 Security Operations Centre environment
• Experience of Incident Handling processes and procedures
• Demonstrable experience of working efficiently with led suppliers and vendors
• Awareness of Agile environments and practices