Security Operations Lead - Wrexham, United Kingdom - Chetwood Financial Limited

Chetwood Financial Limited

Verified Company

Wrexham, United Kingdom

1 week ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

About Chetwood Financial Bank:

We are a digital, forward thinking fintech Bank using the best technology to help make our customers financially better off.

We focus on creating distinctive and disruptive financial products for underserved segments of the market.

We are experts within the intermediary market specialising in Loans and Savings as well as buy to let mortgages. Our tech platform is designed to make buy to let mortgages smarter, faster and simpler for brokers and landlords.

We have secured strategic investment from Elliott Advisors of over £150mil of capital, underpinning the planned growth of the business over the next few years.

Chetwood is rapidly growing its mortgage portfolio. This has resulted in relationships with multiple third-party service suppliers being setup, requiring appropriate oversight. You will ensure that service providers meet contractual commitments whilst maintaining performance and managing risk.

Where necessary, you will be expected to challenge existing performance, and ensure you remain up to date with upcoming industry changes and impacts.

Role Purpose

Chetwood have embarked on an ambitious journey to embed world class Security Operations practises into an already impressive set of cyber security capabilities.

We are looking for a highly driven and technically excellent individual who has the passion and drive to enhance our current operational processes and procedures, and achieve the desired next level in capability maturity.

The role is a key part of the Cyber/Information Security function. It plays a key role in the security service offered to keep the Bank and our customer assets safe. As a Security Operations Manager you will contribute across broad range of initiatives covering, but not limited to Security Assurance, Threat Detection, Risk Mgmt, Cloud Security Posture Mgmt (CSPM), Threat Intelligence, Vulnerability Mgmt and Incident Management and Response

Responsibilities:

Accountability for delivering and maintaining our Security Incident Management Procedures, along with Security Playbooks and Runbooks to optimise our ability to defect and recover from threats
Accountability for Security Event Monitoring, Threat Detection and Incident Triage and Response capabilities
Accountability for the Security Operations aspect of the Security Roadmaps and day to day activity planning
Contribute towards the InfoSec Risk Mgmt practice
Responsibility to Perform Risk and Threat assessments
Accountability for our Threat Intelligence Programme
Accountability for Vulnerability and CSPM compliance reporting
Accountable for Security Assurance practices, such as Supplier Due Diligence, Project golive assessments
Accountable for Penetration Testing Mgmt
Accountable for Security Education and Awareness campaigns

**Skills and experience: - Experience of Control Frameworks and Industry standards such as ISO 27001 ISMS, ISO 27002, NIST CSF, NIST SP GDPR, PCI DSS, Payment Services Directive 2 (PSD2), Cyber Essentials, CIS Benchmarks and Digital Operational Resilience Act (DORA)

Experience of Metric driven Security Operations Performance tracking
Experience managing a Security Operations Centre (SOC) is highly desirable
Experience of Public cloud architecture and DevSecOps practices are highly desirable
Selfstarter, willingness to learn new skills and be selfmotivated.
Excellent verbal and written communication skills.
Excellent leadership skills

Relevant certifications
There are no formal requirements for any qualifications or certifications. However, one or more of the following may serve as an advantage, or a willingness to work towards.

Technology recognised certifications such as Public Cloud (AWS/Azure/GCP)
Industryrecognized certifications such as CompTIA Security+, GIAC Security Essentials (GSEC), ISACA Certified Information Security Manager (CISM), NCSC (GCHQ, UK GOV) Certified Cyber Professional accreditation or equivalent.

Chetwood is an equal opportunity employer that is committed to diversity and inclusion in the workplace.

We prohibit discrimination and harassment of any kind based on race, colour, sex, religion or any other protected characteristic as outlined by the law.

Data Protection

We anticipate that we will retain your data as part of the recruitment process for no longer than is necessary for the purpose for which it was collected unless we have sought your consent to keep your data for future suitable job vacancies.

Chetwood Financial Ltd does not accept speculative or unsolicited CVs from Recruitment Agencies.

Any unsolicited CVs received will be treated as the property of Chetwood Financial and Terms & Conditions associated with the use of such CVs will be considered null and void.