SOC Lead - Security Operations

Job Type: IT
Region: South East England
Location: Bracknell
Preferred Hours: Full and Part Time
Partnership Level:
This role is at Partnership Level 6 and includes entitlement to the following additional benefits:
  • Invitation to join the Bupa Private Medical Insurance scheme
  • 5 weeks holiday
Further details will be provided at interview and upon successful offer.
Closing Date: 14/8/2020
Vacancy Type
Salary: £53,000 - £76,000
Salary Frequency: per annum
Hours of Work:
35 hours per week - Monday-Friday - 09:00-17:30

*We have a number of different ways to work flexibly so at your interview feel free to talk about what flexibility means to you. There are no guarantees, however, it may open the door to not only a new role but a new way of working.*

Duties & Responsibilities

What's the role about?

The John Lewis Partnership's Information Security strategy is bold and ambitious. We provide a collection of security services, delivered through people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day.

As the Information Security Lead, you will be responsible for the day-to-day operation of our Incident Response service which provides our front line of cyber defence - mitigating and defending against malicious cyber activity and adapting to an ever-changing threat landscape. It's a fantastic opportunity to get hands-on with market leading next-generation cyber security tools, where you'll be empowered to innovate within a supportive, collaborative and social team environment and agile culture.

If you are passionate about cyber security, if you thrive and perform in fast-paced, high-demand scenarios, and if you want to make a real difference at the UK's largest co-owned retailer, then this role is for you.

Job Requirements

What you'll be doing:

As the Partnership's Information Security Lead for our Incident Response Service you will be highly technical and a subject matter expert for your service, leading investigations and providing technical expertise for all types of cyber security incident. You will be coordinating resolution activities across a wide range of stakeholders, providing an escalation path when required and will be supporting the development of the Incident Response analysts through coaching and training.

You will assist with the development of use cases, playbooks, policies and custom tooling to improve our security maturity, recommend improvements or new features where the service is deemed to be lacking and define ways of working or process amendments that allow the team to meet the objectives of security, reliability and availability.

You will also take responsibility for task management for all team members of the service and for reporting key performance metrics to the service owner. The Information Security Lead will additionally act as deputy for the Information Security Manager when required.

Please note that as part of this role there will be a requirement to join an on-call rota, supporting the business as and when needed outside of normal business hours.

Why do our Security Operations Partners love working for us?

"We have a friendly team culture where everyone is keen to develop their skills and support those around them. I've been given great opportunities to further my career. The work we do is challenging and varied, and it's really satisfying to be part of a team that's integral to protecting our customers and Partners." - Laurence Jeffcoate - Information Security Analyst

Required essential experience skills and qualifications

What you'll have:

- Demonstrable experience performing a senior role in a SOC environment or similar, with a focus on cyber security incident detection, response and resolution.
- Hands-on technology management experience directly relevant to Information Security Incident Response or an accreditation such as ISC2 CISSP or Certified Ethical Hacker.
- Confidence in owning a BAU relationship with multiple third parties.
- Proven ability to work under pressure in a fast-paced environment and succeed in ambiguity.
- Strong attention to detail with an analytical mind and outstanding problem-solving skills, especially in performing tasks such as log analysis.
- Great awareness of cybersecurity trends and hacking techniques both internal and external to the Partnership, and a familiarity with tools like Kali Linux, Burp Suite, Nmap or similar.
- Strong management reporting and communication skills; ability to write or present actionable intelligence derived from raw data.

Required desirable experience skills and qualifications

What else you can bring to the role

- Expertise across a number of the following areas: Google scripting, ServiceNow, JIRA, Splunk, reverse engineering, digital forensics, working with law enforcement.
- Experience in creating BAU runbooks, use-case definitions and operating procedures.
- Experience and expertise in the use of security frameworks such as MITRE ATT&CK, NIST and the ISF's Standard of Good Practice.

*Please refer to attached job description for full details of role and requirements.*
*Please note that we reserve the right to close the vacancy earlier than advertised due to high volume*
