- Collaborating with the to maintain the roadmap.
- Program-managing the portfolio of security initiatives with support from project managers.
- Researching, designing and testing solutions to counter cybersecurity risks.
- Implementing and maintaining solutions owned by IT Security.
- Designing and implementing processes.
- Project planning, managing dependencies and coordinating resources.
- Working closely with the to continually develop, improve and maintain a globally consistent approach to the adoption of IT Security controls.
- Performing cyber risk assessments and contributing to the global risk register.
- Managing and tracking of risk treatment actions.
- Performing gap analysis and/ or assessing compliance with established controls.
- Undertaking due diligence on prospective and existing third-party service providers.
- Measuring and reporting performance via Key Performance Indicators (KPIs).
- Being the regional cyber incident handler and central point of contact.
- Continually improving our global incident response process and technical playbooks.
- Responding to alerts from internal monitoring tools and our MDR service.
- Leading incident response exercises supported by external consultancies where needed.
- Working with the to establish clear, achievable team goals and objectives, ensuring team members understand their individual contributions to the big picture.
- Facilitating open communication, conveying information from senior management to the team and vice versa. Listening and acting on team members' concerns, feedback and ideas.
- Inspiring, motivating and coaching team members as needed to achieve their best performance. Continue to foster a positive team culture.
- Helping to prioritize, track completion and resolve issues to ensure tasks are completed to agreed timelines and standards. Lead regular stand-up/ team meetings.
- Conducting individual performance management reviews for team members.
- Supporting the training and development needs of team members.
- Previous team lead experience for a team of a similar size (e.g., 2+ direct reports).
- Planned and managed a reasonable number of projects/ initiatives, coordinating the resources of own team and other teams. Can demonstrate good stakeholder management.
- Extensive incident planning and response experience, managing incidents, developing processes, playbooks and leading tabletop exercises.
- First-hand experience with analysing cyber threat intelligence and leveraging the content to produce actionable defence initiatives.
- Significant experience (several years) in performing cyber risk assessments. For example, they have performed broad assessments/ gap analysis against a variety of security frameworks and can risk-assess a solution/ architecture presented to them and provide clear recommendations.
- Good working knowledge and can advise on securing Microsoft Windows, Active Directory and Azure AD. Experience in the following fundamentals is an advantage:Managing Active Directory users, computers, and group policy security settingsConfiguration of Windows Clients and ServersConfiguration of Microsoft Azure, Office 365 and Defender servicesUsing PowerShell to administer or audit objects and automate tasks.Implementing technology hardening configurations.
- Hands-on experience with deploying, configuring, and managing endpoint security solutions including EPP's, EDR, host firewalls and device control.
- Offensive Security Certified Professional (OSCP) or equivalent certification or training (e.g. TryHackMe or Hackthebox) is desirable because of the mindset it instils.
- If these cannot be demonstrated, we are looking for someone who understands at a detailed level how attacks work and thus how to mitigate them with precision.
- Is familiar with the Mitre ATT&CK knowledge base and how to leverage it for cyber defence.
- Strong working knowledge and ideally practical experience in leveraging Microsoft capabilities to mitigate risks affecting Microsoft Windows clients, servers, and cloud services.
- Is familiar with industry frameworks including ISO 27001 and CIS Critical Controls.
- Is proficient at using Excel to analyse, manipulate or present data quickly.
- Strong project planning and execution using Kanban or Waterfall methodologies.
- Has a 'security mindset' – asks the right questions to identify security flaws/ issues.
- Is tenacious, if told something can't be done, they will proactively research, talk to others and find solutions to security challenges.
- Demonstrable interest and curiosity in cyber security.
- Highly self-motivated, proactive and approaches challenges with a positive can-do attitude.
- When presented with an objective, can research, plan, organise and deliver to deadlines with minimal supervision.
- Attention to detail and strong focus on accuracy of information.
- Excellent communication skills, being able to adapt their communication style and vocabulary depending on the audience (e.g. technical SME's vs senior managers). Being able to proof communications created by others.
-
Security Lead
1 week ago
Understanding Recruitment London, United Kingdom**Security Lead** · We are seeking a Security Engineering Lead for a VC backed AI startup working toward the aim of making general AI safer through scalable alignment research. · The team is working to reach a fundamental understanding of the internal mechanisms of current deep l ...
-
Security Lead
1 week ago
UK Health Security Agency London, United KingdomUKHSA Security is adapting to support current and future requirements. This is a great opportunity for experienced security professionals to join a high-profile government security organisation at a critical time. You will play a key role in helping to shape our capability and be ...
-
Security Lead
1 week ago
Priory Healthcare London, United KingdomAvesbury House is a low secure rehabilitation and recovery facility split into five independent living units, for males aged 18 years and older. We provide 24-hour specialist care and support for those with enduring mental health needs. · Our aim is to support residents to make t ...
-
Application Security Lead
3 days ago
Opus Recruitment Solutions Ltd London, United KingdomRole - Application Security Lead · Location -London (Fully Remote) · Salary - £95,000 - £120,000 + Benefits · Are you an Application Security Lead looking for new challenge? · If so this could be your next step · I'm currently looking for an Application Security Lead to join a cu ...
-
Product Security Lead
3 days ago
Pinkerton London, United KingdomWe are as invested in your career as you are. · As you navigate through these uncertain times, know that Pinkerton has been a stable, thriving corporation for over 170 years. As recognized leaders around the globe in the corporate risk management industry, you can rest assured th ...
-
Product Security Lead
1 week ago
JPMorgan Chase Bank, N.A. London, United KingdomJPMorgan Chase & Co. has expanded its consumer business and we have launched a new digital retail bank in the UK. We are offering consumers a completely new banking experience. Under the Chase brand, the bank provides products and features tailored to meet the needs of customers ...
-
Cyber Security Lead
2 days ago
Doherty Associates London, United Kingdom**About Doherty Associates** · **Doherty Associates (DA) have delivered IT solutions for over 32 years to world-renowned, international clients. Our customers operate mainly in the professional and financial services sector, including leading private equity and venture capital fi ...
-
Lead Security Officer
1 week ago
Bidvest Noonan London, United Kingdom**About The Role**: · **Lead Security Officer** · **London** · **£14.15 per hour** · **60 hours a week, 12hrs Monday - Friday** · **Working BH days as part of the role as Supervisor OOH** · The role of a Lead Security Officer is very dynamic and is an essential factor in the oper ...
-
Security Engineering Lead
2 days ago
GerrardWhite London, United Kingdom**Security Engineer Lead - Global Insurance Organisation - MS/Azure Env - City/Hybrid - Perm** · Join a leading global insurance organisation as a Security Engineering Lead during a time of extensive transformation which includes the development and deployment of a new Azure Infr ...
-
Lead Security Consultant
6 days ago
FPSG Connect London, United Kingdom**Security Consultant Lead/Manager** · Location: London - Hybrid/Remote (anticipated in the office 3 or 4 times a month) · **Salary**: Dependent on experience · **Job Type**: Permanent · **Security Consultant Lead/Manager** · An exciting and diverse career opportunity to progress ...
-
Information Security Lead
1 day ago
Starling Bank London, United KingdomStarling is the UK's first and leading digital bank on a mission to fix banking Our vision is fast technology, fair service, and honest values. All at the tap of a phone, all the time. · We are about giving customers a new way to spend, save and manage their money while taking be ...
-
Cyber Security Lead
3 days ago
Office for National Statistics London, United Kingdom**Location**: Newport, Titchfield (Fareham), London, Darlington, Edinburgh or Manchester · **Salary**: £53,400 - £65,400 - Plus a skills allowance of up to £7,500 · **Working Patterns**: Flexible working, Full-time, Job share, Part-time, Compressed Hours · **Closing Date**: 11:55 ...
-
Application Security Lead
1 day ago
Tokio Marine HCC London, United KingdomJob Title: Application Security Lead · Reporting to: BISO · Position Type: Permanent, Mon-Fri, 9-5 · Hybrid Working: 3 days a week onsite · **Why **Tokio Marine HCC?** · Part of our evolution involves growing our team, and bringing in a range of views, perspectives and background ...
-
Cyber Security Lead
1 week ago
Office of Rail and Road London, United Kingdom**This role can be based in any of our office locations**: London, Birmingham, Bristol, Manchester, York and Glasgow. · The Cyber Security Lead is a new role and will be responsible for leading the work on ORR's Information Security Management plan. This will allow us to protect ...
-
Lead Security Consultant
3 days ago
Atos London, United Kingdom**Publication Date**: · Jan 24, 2023 · **Ref. No**: · 466210 · **Location**: · London, GB, WC1V 6EA · The future is our choice · At Atos, as the global leader in secure and decarbonized digital, our purpose is to help design the future of the information space. Together we bring ...
-
Lead Security Trainer
19 hours ago
Hurak London, United Kingdom**About Hurak Learning**: Hurak Learning is a leading training organisation dedicated to providing high-quality compliance training courses to adult learners nationwide. Our extensive range of courses covers various sectors, including health and safety, security, first aid, food ...
-
Physical Security Lead
1 week ago
EDF Limited London, United Kingdom**Sizewell C. The power of good for Britain.**: · Location:London/Sizewell C · Employment type: Permanent full-time · Employment basis: The role is expected to be a full · - time position however we are open to discussing a more flexible or part · - time approach where possible. ...
-
Security and Compliance Lead
2 days ago
Google London, United Kingdom**Minimum qualifications**: · - Bachelor's degree in Cybersecurity, Computer Science, Risk Management, Auditing, a related field, or equivalent practical experience. · - Experience with UK public sector security and compliance. Experience in Cybersecurity, Engineering Program Man ...
-
Information Security Lead
1 day ago
Starling Bank London, United KingdomStarling is the UK's first and leading digital bank on a mission to fix banking Our vision is fast technology, fair service, and honest values. All at the tap of a phone, all the time. · We are about giving customers a new way to spend, save and manage their money while taking be ...
-
Lead Security Trainer
19 hours ago
Hurak London, United Kingdom**About Hurak Learning**: Hurak Learning is a leading training organisation dedicated to providing high-quality compliance training courses to adult learners nationwide. Our extensive range of courses covers various sectors, including health and safety, security, first aid, food ...
Cyber Security Lead - London, United Kingdom - E1 EDF Trading Ltd
Description
Description
:IT Security is a global function residing within the IT department operating from London and Houston. The IT Security Team Lead will be based in London. The purpose of the IT Security function is to manage cyber risks and issues for EDF Trading globally.
Position purpose
The IT Security Team Lead provides line management to the IT security team in London (4 direct reports), collaborates with the Global Head of IT Security (Houston) to drive the implementation of the global security roadmap and manage day to day security operations for the Europe and Asia region. While the role requires a technical background to provide continuity with others in the team and to be an SME to internal stakeholders for IT Security matters, the role has an emphasis on cyber risk management and governance.
Main responsibilities
Security programme [40%] : Implement and/ or manage the implementation of solutions to counter cybersecurity risks in accordance with the global security roadmap including:
Governance, risk and compliance [20%] : Manage the regional cyber risk exposure and drive compliance with established policies, standards and procedures including:
Security incident response [20%] : Develop and maintain a highly effective cyber incident response capability including:
Team lead [20%] : Lead the London security team and be the central point of contact for IT and business stakeholders in the Europe region for cyber security including:
Experience required
The successful candidate can demonstrate they have:
Technical requirements
Person specification
Hours of work:
40 hours a week, core hours of 8.30am – 5.30pm. Hybrid working policy.