Cyber Security Manager – Remediation – Vulnerability management –

Recruiter
Nexere Consulting Limited
Location
United Kingdom
Salary
70000.00 - 80000.00 GBP Annual
Posted
12 May 2022
Closes
17 May 2022
Job Type
Cyber Security
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time

Role: VSOC Remediation Manager

The Opportunity:

Be part of a cutting–edge Security Operations tailored to address cyber security concerns of vehicles the manufacturing of vehicles and the supporting business functions of Information Technology (VSOC).

The VSOC Remediation Manager is accountable for supporting remediation efforts and thematic data analysis and reporting within the organization. The manager will support a near time risk and impact determination of cyber threats to the company business providing outputs into senior business stakeholders to enable consultation into the decision making of remediation and future security controls and security architecture strategy. Engage remediation teams to ensure that remediation efforts are documented and completed in a timely manner through coordination with internal teams. They will manage relationships with stakeholders, both within and outside Cyber, to deliver on the common goal of protecting the organization.

Key Responsibilities and Accountabilities:

In this role you will work with the Global Head of Cyber Security Operations and the CISO to ensure the business function of the VSOC is fit for purpose and that the strategy and alignment of future requirements are identified. You will also interface with the SOC/VSOC service management teams to ensure feedback on performance of the overall business cyber risk is communicated.

You'll be liaising with the SOC team to ensure triaged cyber security concerns are fit for purpose and support the identification of threats.

To be successful in the role you will need to work closely with system owners and security architecture teams to ensure that current architecture and security control alignment are documented and up to date to enable an expedient residual risk determination.

Lastly, you will be maintaining process and procedural documentation to support the VSOC and consult on Cyber Security Threats and Risk while producing metrics to measure Cyber Security Threat and Risk as well as security architecture and system architecture drawings.

Produce white papers on key findings an initiative to enable the consultancy of improvement to cyber security controls

This team:

Reviews, documents, and reports remediation actions and security gaps identified through the life cycle of issue identification and management through root cause investigation, taking ownership of the process to facilitate permanent resolution and closure

Works with all relevant internal technical teams, incident management, and the various lines of business to assist in the determination of root cause on incidents to prevent recurrence of issues

Maintains an inventory of problems under analysis and their current progress and status

Creates periodic reports on the remediation progress and problem trending

Creates, assigns, and tracks project timelines and actions to facilitate complete and accurate methodology or framework execution

Drives the resolution of technical problems where analysis requires evaluation of areas whose focus is driving the remediation of services with support teams

Works with reputation management vendors to review and remediate external security posture scoring metrics

Works to review, define, and develop cyber processes

Knowledge, Skills & Experience Required

Essential:

Knowledge of Threat Modelling frameworks PASTA, STRIDE others.

Knowledge of Risk frameworks such as FAIR, 27004, 27001, 27001

Knowledge of Architecture frameworks Togaf, Sabsa

Familiar with information security frameworks such as, COBITv5, ITIL, SANS Top 20 CSC, OWASP, CyberEssentials or other similar frameworks.

Knowledge or exposure to Cloud technologies, such as IaaS, SaaS & PaaS deployments

Relevant degree or equivalent experience preferred

Understanding of Operational Technology and the challenges involved in securing It

Understanding of network designs with a view to protecting plant floor networks

Desirable:

IT security certifications such as CISSP, SANS, ISO, ITIL, TOGAF

Vulnerability Management experience with tools such as Qualys, Tenable Kenna

Experience in IoT technologies & connected car

Understands Cloud infrastructures AWS, GCP, Azure

Similar jobs

Similar jobs