Job description
Head of Security Operations
About us
ESO touches the lives of almost everyone in the UK, moving electricity and gas around an energy network that stretches the length and breadth of the UK. As the world changes to embrace cleaner energy and businesses shift to operate in a more responsible way, we are leading that charge. We are focused on finding ways to decarbonise the energy system.
The ESO sits at the heart of the UK energy system. We move electricity around the system to where it’s needed in homes and businesses, balancing electricity supply and demand second by second, 24x7x365 days a year, keeping the lights on in the UK.
Climate change is the challenge of a generation and the time to act is now. The ESO plays a central role within the energy industry to deliver a greener future, looking at different energy scenarios many years ahead and thinking about how the market needs to adapt to achieve net-zero.
We’re excited and proud of the role we are playing in the decarbonisation of the energy system so come join us, at ESO Digital, Data and Technology, on our truly transformative journey to help shape the future of energy and bring it to life.
Job Purpose
ESO is on a digital and transformative journey. We are transforming the way that we operate and are in the process of adopting a customer-centric product model, shifting our culture to one that is open, innovative and team-driven, and deploying market-leading and first-in-the-world technologies to achieve net-zero operability by 2025.
The Head of Security Operations, Cyber will work closely with the Chief Information Security Officer (CISO), the Chief Information Officer (CIO) and their business leaders. You will play a pivotal role in protecting ESO and minimising business disruption by delivering best-in-class cyber security operations.
The critical nature of the systems that the ESO operates, and the role that they play in providing essential functions to society, means that the 24/7 CSOC is critical to securing the UK’s energy supply.
The successful candidate will build and maintain the Cyber SOC strategy, future vision and execution plan based on business demand. They will also plan, direct and control the SOC functions and operations to deliver Prevent, Detect and Respond capabilities.
The role will ensure the successful implementation of a Security Operations Centre to support:
- The business as it transforms its services to meet zero carbon operability
- Separation of the ESO business into an independent organisation
Key Accountabilities
- Build, develop and manage a Security Operations Centre, including recruitment of a diverse team and selection of appropriate third-party support.
- Work closely with the separation programme to ensure smooth transition of services and on time exit of the TSAs with RemainCo
- Own the SOC services back to the customer using a service centric customer balanced approach, encompassing the full spectrum of the enterprise, including customers, and partners
- Leadership of the functional unit and the underlying people, process and technology across proactive monitoring, incident response management, cyber crisis management, and threat and vulnerability management
- Create and develop a multi-year SOC programme and investment plan and maintenance, including development of operating model and its underpinning processes and procedures to drive Cyber risk readiness and resilience maturity and improvements to optimised levels, as a central component within the overarching security programme
- Development and maintenance of cyber security incident playbooks and guidance
- Leading the SOC strategy to deliver the People, Processes and Technologies for the FSO
- Establishing and delivering methods & tools which provide value for the organisation by reducing risk
Responsibilities
- Ensure cohesive capability maturity improvement plan, to achieve target maturity appropriate for ESO and risk appetite
- Experience in developing and working with business strategic partnerships – Managed security partners, partnership services and products
- Delivering and maintaining a cyber security dashboard for the CISO, other key stakeholders and executive leadership, with accurate and timely information that reflects the current security posture of the FSO
- Promoting the Cyber Security team across ESO to develop the team profile
- Taking a lead role on security incidents, helping to conduct robust investigations in order to identify corrective actions and see them through to completion, and demonstrating gaps and successes from lessons learned
- Working closely with the DD&T Leadership team to have one voice across cyber security
- Collaborating closely with external vendors to bring new ideas / technologies into the business
- Maintain a close working relationship with the CISO to deliver their vision / strategy to the business
- Providing security leadership to operational teams and briefing senior management on the cyber threat landscape
- Clearly communicate risks associated with detected events on a technical and non-technical layer to stakeholders
- Help deliver technical detection and response programs and initiatives
- Recruiting and retaining talent
- Operating model development and process improvement
Qualifications/ Experience
- Experience of working within Government and regulated environments.
- Experience of engaging with senior stakeholders
- Significant experience in information security management, data management and/or related functions
- High standards of personal integrity (demonstrated by an unblemished career history), and willing to undergo vetting and/or personality assessments to verify this if necessary.
- Experience of creating and developing a high-performing SOC
- Background knowledge of utility operational technology SCADA systems, Integrated electricity Management Systems (IEMS) with critical operational systems
- At least two of the following: MSc Cyber Security or related subject, CISSP, CISM, SABSA, TOGAF, CCSA/CCSP, CCISO, CCDP/CCNP.
- Demonstrable evidence of contributing security subject matter expertise
- Extensive knowledge of a broad range of technical security architecture and standards such as:
  - NIST Cyber Security Framework
  - Network Information Systems Directive (NIS-D)
  - ISO27002 2013
  - Cloud Security Alliance Standard
More Information
A competitive salary between £80,000 - £106,000 – dependent on capability.
As well as your base salary, you will receive a company car or allowance, a bonus of up to 20% of your salary for stretch performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, a salary sacrifice technology scheme, support via the employee assistance line and matched charity giving to name a few.