Full-time
Contract Type: Permanent
Directorate: Group Cyber Security and Technology
Company Description
-----------------------
We are part of International Airlines Group (IAG), one of the world's leading airline groups and owner of some of the biggest brands in the sky.
With a diverse workforce spread across four countries, IAG Transform provides creative and innovative solutions to drive sustainable transformation by delivering procurement and airline services, as well as group-wide systems across IAG. Each operating company benefits from the Transform centralised model, driving efficiencies, automation, and economies of scale.
-------------------
This is a high-impact greenfield role ideal for a strategic and hands-on cybersecurity professional. As an individual contributor, you will be responsible for defining and implementing the end-to-end operating model for collaboration between the central Security Operations Center (SOC) and supporting functions. You will formulate all core processes, define areas of handover with the core SOC, and establish the technology stack and deliverables necessary to enable scalable and effective security operations.
A key early responsibility will be contributing to the selection and onboarding of a new Managed Security Services Provider (MSSP). You will work closely with the chosen vendor to define operational procedures, service delivery models, key performance indicators (KPIs), and service level agreements (SLAs). Building a strong, collaborative relationship with the MSSP will be a critical short-term goal.
In the longer term, this role will take ownership of developing the business case for building and strengthening internal capabilities -- laying the foundation for a future in-house team and transitioning key functions where strategically appropriate. You will also be expected to build trusted relationships with external stakeholders across operating companies to ensure SOC services are aligned with business risk and operational priorities.
Qualifications
------------------
Qualifications
Educated to degree level or equivalent experience
Desired qualification
Recognized Security qualifications desirable e.g. CISM, CISSP (preferred)
Experience in leading complex security-focused teams, or as a Level 3 Senior Security Analyst / Senior Incident Responder / Forensic Investigator
Project Management experience and certification (preferred)
Ability to lead and manage a large team of security analysts and specialists.
Expertise in incident detection, analysis, and response methodologies.
Proficiency in coordinating and leading incident response efforts during security breaches and incidents.
Deep understanding of cybersecurity principles, technologies, and best practices.
Knowledge of security tools and technologies used in a SOC environment, such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection and Prevention Systems), and EDR (Endpoint Detection and Response) solutions.
Ability to assess and prioritize security risks based on their potential impact and likelihood.
Knowledge of relevant regulatory requirements and industry standards (e.g., GDPR, PCI DSS).
Experience in ensuring SOC operations comply with legal, regulatory, and contractual obligations.
Strong verbal and written communication skills to articulate complex technical concepts to diverse audiences.
Ability to communicate effectively with senior management, stakeholders, and external partners.
Adaptability to rapidly changing threat landscapes and evolving technologies.
Capacity to adjust SOC strategies and operations in response to emerging threats and organizational needs.
Experience
Extensive experience in Security Operations
Prior experience in a CIRT Team
Leadership in Security Incident Response (SIR)
Expertise in SIEM/SOAR tools
Broad knowledge of security concepts (threat intel, vulnerability management, network security)
Experience in threat analysis & security alert detection
Familiarity with security frameworks (MITRE ATT&CK, NIST CSF)
Security team leadership or strong leadership potential
Experience in performance management
Excellent communication & collaboration skills
Security scripting and automation skills (Python, Bash) (Optional)
Knowledge of cloud security concepts and best practices (Optional)
Understanding of security compliance regulations (PCI DSS, ) (Optional)
Job Location
----------------