Find More Than 10K+
United Kingdom Jobs

Division/Dept

SOC, Testing, Engineering and Architecture

Data Governance and Information Security, Corporate Services

Location

Flexible

Reporting to

Security Operations Centre Manager

In a nutshell

The Security Operations Centre is responsible for ensuring the optimal performance of SOC technology, processes and people reducing information security risk and minimising business disruption. They use collaborative business engagement to support the delivery of consistent security and data governance services and controls that meet the organisation’s risk appetite and strategic direction.

What you need to do

Operating at a Group Level, the role has the following key teams / responsibilities.

• Responsible for the management of the technology, processes, and people, including vendors and partners and support the delivery of the SOC roadmap.
• Ensure relevant day to day monitoring of our key assets and endpoints, with appropriate alerting and event management.
• Responsible for the delivery of management information and key performance indicators.
• Prioritisation of key objectives to improve protective controls, detective capabilities and incident response processes.
• Assist our security product and engineering teams to refine operational inputs and deliver required outputs to our stakeholders.
• Manage security incident resolutions with support from SOC analysts and business colleagues ensuring root causes, forensics and lessons learnt are managed appropriately.
• The role will require you to continually drive improvements within the team, measure and evolve our capability to ensure our services are delivered effectively and in line with Sainsbury’s future ways of working

What you need to know and show

• Proven track record in developing excellent relationships with senior stakeholders including delivery of robust and effective challenge.
• Excellent interpersonal communication skills and able to effectively articulate in both technical and non-technical terms.
• Ability to balance strategic thinking with a pragmatic approach to ensuring delivery of work.
• Proactively reflect and challenge when results aren't being achieved and addresses areas requiring resolution. Coaches’ others to recognise barriers to success and enables others to manage these issues.
• Enables team to stretch, develop and reach their full potential through setting challenging but realistic performance standards, providing suitable opportunities.
• Coaches’ others to deliver winning outcomes and to make decisions based on a clear understanding of the changing security landscape.
• Risk Management experience and demonstrated ability to prioritise risk.
• Experience presenting and reporting on project plans and progress to appropriate stakeholders, executives, and senior management.
• Strong analytical and report writing skills.
• Understanding of data related risks in a complex organisation (including regulatory requirements).
• Personal accountability.
• Drive, ambition, and enthusiasm.

What decisions I can make

• Recommend appropriate security controls.
• Recommendation to wider organisation on matters relating to information security including suggested course of action to serious security breaches.
• Assignment of colleagues to the various functions in span of control.
• Day to day decisions around Team management and administration.

Resources available to me

• Team of 10 colleagues
• SOC Manager
• Head of Information Security
• Group CISO and Head of Data Governance
• Rest of the Information Security and Data Governance Team including:
• Product Assurance Team
• Data Protection Officer(s)
• Data Clinic Lead and Manager
• Enterprise and Solution Architects, various Working Groups including Data Governance Committee, Customer, Colleague, Finance etc
• Industry and national bodies
• 3rd party service providers (as appropriate)
• Third Party contractors.
• Industry and national bodies (as appropriate)