Job Description

Job title: Cyber Security Operations Manager

Location: Hammersmith

• Competitive salary plus bonus
• Hybrid working
• 25 days\' paid holiday increasing each year
• Extra days off for your birthday, to volunteer, move home and wedding/civil partnership
• Private medical Insurance
• Life assurance
• Retail offers - discounts from hundreds of recognisable brands
• Cycle-to-work scheme
• Free Hyperoptic broadband if you live in a Hyperoptic area
• Recruitment referral bonus
• O2 mobile phone discount
• Enhanced pay for new parents
• Tastecard for restaurant, retail and entertainment discounts

Who are we?

Hyperoptic is the UK\'s hyperfast broadband provider.

We offer broadband speeds 11x faster than the UK average, proudly setting a new fibre \'gold standard\' with hyperfast speed, reliability and customer service.

And we\'re on a mission: to gigabit Britain.

Whatever we\'re doing - whether we\'re liaising with property professionals, delivering our network, or installing in a customer\'s home, going beyond the expected is the benchmark.

We work smarter, together, being agile and responding with the speed our business and customers demand - without compromising on quality. We stay focused, performing at our best to ensure we are focused on hitting targets and goals together. And we strive for excellence, paying attention to the detail, constantly seeking to stretch ourselves and find better ways of doing things.

And today we\'re looking for a Cyber Security Operations Manager who shares these values. Does this sound like you?

Summary of key responsibilities/deliverables

Responsible for managing and transforming the existing cyber security operations team and any 3rd party Managed Security Services into a high performing cyber operations function.

Working with our SOC service provider, to create and implement and automate processes and procedures to effectively detect, respond to and manage security incidents, perform vulnerability management, operationalise cyber threat intelligence and threat hunting, manage the relationship and continuously optimize and automate process provided by our 3rd party Managed Security Services Provider.

Technical, people and supplier management is required day-to-day within this role, and during escalations, some direct involvement in incident response, vulnerability management, and other operational functions may be required.

Support the development and implementation of a vulnerability management program. Ensure the efficacy of day-to-day VM activities in the team, to ensure vulnerabilities are detected, reported, tracked, and remediated as per accepted standards and timelines.

Develop and implement a target operating model for Hyperoptic\'s 24x7 Security Operations Centre (SOC).

What will you be doing?

Responsibilities

• Design and implement a target operating model (TOM) for SOC that best suits Hyperoptic needs based on its threat profile, assets, business priorities, regulatory requirements (Telecommunications Security Act), and other considerations, including using our 3rd party Managed Security Services Provider.
• Develop and maintain cyber security operational related policies, procedures and processes in close cooperation with other Security teams to ensure all necessary information and security data are continuously collected, correlated and analysed to detect potential external and internal threats.
• Ensure that cyber security operational related policies, procedures, processes, and controls align with current regulations and standards, e.g., NCSC CAF and Telecommunications Security Act.
• Manage all day-to-day activities within the team to ensure the effective operation of incident detection and response, vulnerability management, cyber threat intelligence, and threat hunting.
• Define, review and report on key security performance indicators to ensure proper service delivery and improvements.
• Develop and provide reports regularly to meet Hyperoptic compliance and audit needs.
• Ensure continuous team services improvement, including employees and external providers, processes, and technologies.
• Strategic planning for annual budget recommendations and long-term overall information security strategy development.
• Contribute to defining the roadmap for security tools and technology and 3rd party managed SOC services as required to augment/complement internal team capabilities.
• Contribute to designing, implementing, and maintaining Hyperoptic\'s security tools and integrations.
• Take part in security product evaluations, technical evaluations, and POCs for security tools.
• Collaborate with other internal teams to continually improve Hyperoptic\'s security posture.

SIEM and SOAR

• Work with our managed security service provider to build and implement use cases within the SIEM and SOAR tools
• Collaborate with external teams to ensure that the SIEM platform maintains access to all systems and data necessary to perform its function.
• Work with our managed security service provider to create and maintain playbooks for SOC operations.

Security Automation

• Work with our managed security service provider to develop solutions and processes to increase automation and reduce support.
• Champion a reliability engineering-driven approach, with a focus on automating any repeat tasks.

Vulnerability Management

• Develop and implement a vulnerability management plan outlining the organisation\'s steps to identify, prioritise, and remediate vulnerabilities. This plan should be based on the organisation\'s risk appetite and updated regularly to reflect changes in the threat landscape.
• Responsible for overseeing the vulnerability management activities of the SOC team and ensuring vulnerabilities are detected, reported, tracked, and remediated as per accepted standards and timelines.
• Measure and report on the Hyperoptic\'s progress in managing vulnerabilities. Reporting should be used to track progress, identify areas for improvement, and communicate the value of vulnerability management to stakeholders.
• Build, maintain relationships and communicate effectively with stakeholders, including IT staff and management, to facilitate vulnerability management and patching.

What are we looking for?

• Extensive experience as a SOC Manager or SOC Team Leader.
• Experience in leading and managing teams. Ability to motivate and inspire team members, as well as the ability to delegate tasks and track progress.
• Advanced certifications such as CISSP, CISM, CISA, CERT-CSIH, SANS GIAC GSOM/GCIH/GCIA and SIEM-specific training and certification.
• Demonstrable experience and in-depth knowledge of Information or Cyber Security Operations, Incident Response and Investigations, including using 3rd Party Managed Security Service Providers.
• Experience in developing target operating models for SOC or CSIRT teams.
• Strong knowledge of EDR, SIEM & UEBA systems, SOAR integration and threat intelligence sharing platforms.
• Experience in vulnerability management, including a deep understanding of the vulnerability management lifecycle, as well as the ability to use vulnerability scanning tools and other security tools.
• Experience in developing and implementing vulnerability management plans updated regularly to reflect changes in the threat landscape.
• Understanding of tools and techniques used by attackers to enter corporate networks, including common IT system flaws and vulnerabilities.
• Understanding of threat landscapes and threat modelling, vulnerability management, and security monitoring.
• Good understanding of MITRE ATT&CK and threat-informed defence concepts and how to use them in practice.
• Advanced knowledge of best practice standards and procedures regarding information systems applications, data and infrastructure security.
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform.
• Understanding of TCP/IP, OSI model, standard networking ports and protocols, traffic flow, system administration (Windows/Linux), Microsoft Active Directory and Azure AD, defence-in-depth, zero trust and common security elements.

We\'re committed to providing equal opportunities to all applicants and employees. In fact, this is at the heart of our culture and values. We welcome applications from candidates from all walks of life.

What happens next? * You apply.

• We carefully review your application.
• We\'ll get back to you - even if it\'s a no (for now).

And don\'t forget to keep an eye on our careers site as we\'re growing fast:

We look forward to hearing from you.

Role Description

Hyperoptic