Head of Information Security Operations
Company Description
- Ensure that the confidentiality, integrity and availability of information systems are maintained to
protect customer, corporate and 3rd party data. - Responsibility for the management of the Three CERT function.
- Responsibility for the management of the SEIM and SOC partners of Three.
Job Description
- Creation and maintenance of Information Security processes and procedures to support business
policies and operations. - Provide leadership and management of Information Security Operational teams to ensure efficient
and effective, proactive and reactive security monitoring and defense across information assets. - Ensure regular KPIs are developed and maintained and identify areas for improvement and make
recommendations accordingly. - Be the lead in Cyber security incident response and ensure processes and procedures and
playbooks are efficient, effective and are tested regularly in line with policy. - Develop and maintain a schedule of operational checks to ensure the confidentiality, integrity and
availability of Three information assets is maintained and in-line with compliance and regulation. - Act as an escalation point for Information Security Incidents, changes and problems.
- Responsibility for IDAM management and control.
- Production of Risk Landscape documentation in conjunction with the Information Security Risk
functions and other colleagues.
Qualifications
- Extensive commercial experience with the following technologies/systems:
• Check Point Firewall/NIDS/DLP/Anti-Virus/Identity Awareness/URL Filtering
• SIEM/Splunk
• Enterprise Desktop and Server Anti-Virus/Malware and endpoint protection technologies
• Vulnerability Security Scanning e.g. Nessus
• Microsoft Windows Server family of products.
• Operational experience of PCI DSS
• Citrix XenApp, remote access products.
• LAN & WAN networking using Cisco routers, switches and infrastructure products.
• Good understanding of TCP/IP
• Identity and access management systems
• Active Directory, GPO Configuration
• Citrix /VMWare - Experience of managing and developing a SIEM system, and feeding events into a SOC in order to
identify and alert on security incidents - Understanding of security issues and ability to allocate work to appropriate resources and manage
escalations effectively - Understanding of vulnerability management and defence against attacks in order to drive the business
in improvement - Understanding of Identity and Access Management function and technology in order to drive
improvement of the function
Additional Information
- The salary range for this role starts at £82,400, the exact salary will differ by job and experience
- A car allowance, a performance based annual bonus & an additional 'flexible allowance' to spend on additional benefits, topping up your pension, or to be added to your salary.
- Hybrid working between your home (2-3 days a week) and our brand new Reading HQ office at Green Park (2-3 days a week)
- 28 days annual leave + 8 bank holidays + 3 personal days annually, which increases with length of service.
- Private Medical Insurance, Life Assurance and Income Protection.
- Free mobile phone package & unlimited sim-card
- Free on-site car parking
- Plus lots more including wellbeing and learning & development benefits!
Our people make us who we are. We're a diverse and inclusive bunch, and it's important you can feel you belong here. We value everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers.
At Three we have a hybrid working arrangement in place as standard for office based employees, where employees work from a mix of office based location and working from their home in the UK to carry on their role.
Excluding retail, core hours at Three are between 10:00 and 16:00, with operating hours between 08:00 & 18:30. This allows employees to have a start time between 08:00 and 10:00 and finish time between 16:00 and 18:30.]]>