Listing Description

About the role:

As we scale our security function to support our two payment brands and future acquisitions we need to ensure security operations are set up to scale.

We are looking for a person with deep expertise in incident response and vulnerability management who is interested in automation to help scale security operations and take the capability to the next level. We have a close knit highly competent team who you’ll be joining, working alongside them to run phishing campaigns, manage security incidents through our SIEM and contribute to purple team exercises alongside our internal red team capability.

What you will own:

Reporting to the Security Operations Lead you will:

Perform Incident response:

• Act as the technical lead on incidents with deep subject matter expertise


• Respond to security incidents in a timely and effective manner.


• Investigate security incidents to identify root causes and prevent future incidents.


• Communicate with stakeholders throughout the incident response process.


• Review existing processes looking for improvements proactively


• Create run books for common scenarios to improve consistency and prepare for automation

• Champion SecOps Automation:




• Review tooling and processes and automate wherever possible leaning on the ability of the SIEM to integrate to 3rd party APIs and follow workflow to enrich data as well as automatically close some incidents.




• Manage threat and vulnerability management:




• Keep abreast of emerging threats & vulnerabilities


• Own the vulnerability reporting services and manage vulnerability team remediation metrics building relationships and influencing remediation outcomes through robust processes including reporting and risk management.




• Improve stakeholder collaboration & influence:




• Partner with engineering, operations, and business teams to foster a security-first culture.


• Lead SME cross team collaboration sessions to improve knowledge sharing and drive outcomes


• Improve security education and awareness campaigns by leading multi disciplinary and multi media messaging campaigns.




• Strive for continuous improvement:




• Stay updated with the latest developments in security operations and incident response.

Qualifications:

• Technical skills:




• Deep understanding of computer networking, authentication, DNS, operating systems & cloud computing.


• Long standing experience responding to incidents including EuC, public cloud server infrastructure and containerised environments.


• Excellent knowledge of modern incident response in a public cloud environment and an organisation that has an engineering capability.


• Experience of scripting and automation.


• Familiarity with Infrastructure as Code tools (e.g., Terraform, CloudFormation).




• Soft skills:




• Calm under pressure


• Strong problem-solving and analytical skills.


• Outcome focussed and keen to move the needle.


• Experience working in an industry with a high value public facing service.


• Excellent communication and interpersonal skills.


• Ability to work independently and as part of a team.


• Ability to work under pressure and meet deadlines.