Skip to main content
Search

InfoSec Operations Centre Manager

Job ID: 4756M Location: Paddington Contract: IT Contract: Full Time Salary: Negotiable Closing Date: August 31st 2021, 11:55 PM

Advance the world of digital through M&S

Leading the transformation of an industry. The continuous pursuit of new information, resourcefulness and invention. Thousands, if not millions of people benefiting from your product-led ideas, every day. That’s why you join M&S Tech. Here, you’ll be proud of your projects, enhance your understanding of new technologies, and shape the future of a new, digitally prevailing brand of retail. Progress isn’t in the pipeline, it’s already happening. And we’re as determined to advance technology through M&S, as we are to advance M&S through technology. Want to help us?

It’s a mindset, a special drive and an enthusiasm that says, ‘We can’t wait to solve this problem’. It’s growing closer as a team through deep discussions about the technologies we love, whether next-gen or old classics. Most of all, it’s wanting to share that excitement with our customers and colleagues – reinventing retail into its most innovative form, then unlocking fresh potential and raising the bar yet again.

Explore M&OS

Success Profile

Innovative

Technologist

Integrity

Accountable

Benefits

Pay

Our salaries are competitive and reviewed every year.

Colleague Discount

Receive 20% discount in-store and online for you and a partner or family member.

Holidays

A minimum 28 days’ statutory holiday per year, pro-rata if you’re part time.

Bonus

We have discretionary bonus schemes depending on the role that you do and the performance of our business.

Pension

If you save 3% of your pay into our Pension Saving Plan we will add an extra 6%. More details at www.yourmandspension.com

Life Assurance

Free cover of two times your annual salary up to age 70. If you pay into our Pension Saving Plan we double this to four times.

Sharesave

Allows you to save between £5 and £250 per month for three years with the option to buy shares at a 20% discount – or simply take your savings back.

Sharebuy

Invest between £10 and £180 each month from your gross salary to buy M&S shares and build up an investment.

My Choices

Enjoy savings on everyday costs to holidays, recognise your colleague’s success and get more information and support on your wellbeing & benefits.

Cycle to Work

Hire a bike and accessories through Cycle to Work and save on tax and national insurance.

SmartTech

Buy the latest technology with interest free financing directly from your salary.

Health & Wellbeing

Save money on you and your families medical and dental expenses. Get great discounts on gym memberships, active wear, and health products.

Mental Health Support

Free 24/7 support from our expert health and wellbeing partners PAM Wellbeing - including free counselling and CBT as well as support for your family.

Giving Back

Support charities you care about the most by donating through your pay or even volunteer for them for one day.

Financial Wellbeing

Access to information and support to help you manage your finances from long term savings to managing your debt or money worries.

InfoSec Operations Centre Manager

Job Description:

InfoSec Operations Centre Manager

Job Purpose

The role’s purpose is to support the InfoSec Operations Manager, to both manage and own the M&S Global Security Operations Centre. Providing oversight of M&S colleagues and Managed Security Service Provider as per the key accountabilities and responsibilities. Also, to drive improvements in all products and services provided by the Security Operations Centre with main focus on ‘Detection and Response’ to security events.

Key accountabilities & responsibilities

The Information Security Operations Centre team provides a multi located service that covers event management, incident response, investigations and forensics, threat hunting and security monitoring.

Protect company and its customers from materially impactful events to its Business, Brand and Customer e.g. catastrophic events, significant financial losses, and highly embarrassing events.

Operationalise effective Information Security Operation Centre Services and controls to protect core business processes and customer data i.e. (Identify, Detect, Protect, Respond and Recovery controls.

Identify and respond to threats: Incorporating industry intelligence to enable proactive threat detection, containment, and response.

Work with the SOC Leads and Service Delivery Managers to deliver activities within the continuous programme of Information Security Operations Centre improvement relating to Information Security monitoring and incident response for application, infrastructure, and all critical services.

Lead and maintain Information Security tooling owned and operated by the Security Operations Centre.

Lead Cloud Information Security specific subscriptions

Chair daily, operations Stand-Up calls, maintain actions and raise any issues.

Report and Maintain Key Risk, Performance and Success Indicators for the team.

Act as a liaison between industry peers, government agencies (including law enforcement) and other specialists.

Utilize commercial intelligence providers to gain insight into existing activities in the fraudster communities, as well as planned activities and emerging motivations.

Develop and maintain the security incident response and management process, including all required supporting materials.

Coordinate with the Security Operations Centre provided internally or by an external run security services provider, to identify and assess Information security incidents.

Advise the InfoSec Management team of significant emerging threats, and recommend tactical steps to counteract these threats.

Deliver Management Reporting on a regular and ad-hoc basis

Mentor junior members of the team, helping them through the more intricate incidents.

Effectively connect with internal partners (technical and non-technical) and suppliers to provide updates on threats and/or to deliver key projects.

Make and drive recommendations to improve operational efficiency

Security Operations Centre documentation review and approval

Measure, run and mitigate Information Security risk to and acceptable level and demonstrate compliance

Key Experience

Crucial

  • Strong management and influencing skills
  • Strong verbal and written communication skills are crucial to success in this role
  • Proficiency in preparation of reports, dashboards, and documentation
  • Ability to work well in a diverse team
  • Methodical and principled work approach
  • Good problem-solving analytical skills
  • Good interpersonal skills
  • Experience of Security Incident Management and Response, including within a DevSecOps operating model
  • Knowledge and demonstrable experience of Information security technologies and methodologies
  • Security event log collection and analysis
  • Experience of vulnerability and threat assessment
  • Experience of Intrusion detection and prevention systems
  • Experience of Web-based application security
  • Experience of Cloud systems and their Architecture (Azure, AWS)
  • Experience of working in a 24/7 Security Operations Centre environment
  • Experience of Incident Handling processes and procedures
  • Demonstrable experience of working efficiently with led suppliers and vendors
  • Awareness of Agile environments and practices
  • Awareness of various operating system flavours including but not limited to Windows, Linux, Unix
  • Awareness of Database technologies (SQL, Oracle, DB2, Mongo) and associated threats
  • Awareness of security controls in widely used technologies e.g., MS Office 365
  • Awareness of Incident Management and Response tools - IBM Resilient, Remedy, Remedy CMDB
  • Excellent communications skills – both oral and written
  • Effective planning and prioritisation skills
  • Tried arranging and influencing skills

Desirable

Qualifications

  • Ideally have Industry Standard qualifications and training such as SANS; GIAC; CISSP
  • Preferably a bachelor’s or master’s degree in Information Technology and/or Information Security

M&S is ready to push boundaries to lead the industry into a greener, speedier, more inspiring digital era. That’s why we’re revolutionising how we work and offering our most exciting opportunities yet. There’s never been a better time to be part of our team. Marks & Spencer aims to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make an immediate impact. We are committed to an active Inclusion, Diversity and Equal Opportunities Policy, which starts with our recruitment and selection process, and we are happy to talk smart/flexible working. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. If you consider yourself to have a disability or learning difficulty which means you are unable to complete the application process online, please get in touch either by phone on 0345 300 3725 or by email recruitment.online@marksandspencer.com so we can make alternative arrangements for you.