Security Incident Manager
About Information Technology
Information Technology within Countrywide provides and supports all aspects of the technology that our colleagues use in the operation of our business. This includes delivery of change projects, managing our 3 rd party suppliers, setting the standards for our technical architecture and ensuring our technology meets compliance and regulatory obligations, as well as maintaining and operating our estate to ensure our business colleagues can work effectively.
Our IT Security function is responsible for setting the IT security standards that we will apply to our organisation and technology estate and driving initiatives that mature our defences.
About the Role
The IT Security team manage all aspects of IT security as well as ensuring the IT function is compliant with its regulatory obligations. This includes setting policies and design standards for the technical estate and the processes we use, assuring on going compliance and recommending & delivering new remediation and continuous improvement initiatives. The team also take the lead on managing security incidents and share good security practise with our business colleagues.
The Security Incident Manager leads and manages Countrywides response to Security Incidents ensuring that stakeholders are kept informed and that internal teams & 3rd parties are driving towards resolution
-Managing Countrywides response to security incidents
-Notifying relevant stakeholders of the threat/compromise and keeping them informed of implications and progress
-Identifying potential vulnerabilities in Countrywides technical estate and proposing fit-for-purpose solutions that address the immediate and longer term weaknesses
-Working with projects and Operational teams to embed Security by Design into ways of working
-Sharing your subject matter expertise with IT and wider business stakeholders, using appropriate mechanisms to educate and develop awareness of security threats
-Personally, adhering to Countrywides standards and policies including those regulatory and legal obligations that are our passport to do business. Identifying and appropriately escalating if you identify any breaches
- Assessment and business impact of new vulnerabilities released
- Developing, implementing and maintaining industry-standard policies, processes, procedures and artefacts that drive consistent management and resolution of security incidents.
-Ensuring internal and 3rd party teams understand and adhere to agreed Security standards
-Working with the 3rd party supplier of Managed Security Service Provider to implement fit for purpose monitoring of the Countrywide technical estate. Reviewing output, identifying improvements and participating in supplier management activities
-On identification of a potential security incident, leading investigation activities and managing actions that address immediate and long term threats
-Engaging relevant 3rd parties and managing cross-supplier actions that drive resolution
-Working with Service Desk and internal teams to educate and inform team members in identifying potential security incidents raised by users
- Ensuring that communication regarding security incidents is timely, issued to the correct stakeholder communities and uses language appropriate to the audience
-Developing sufficient understanding of the existing and new technical estates in order to identify areas of potential vulnerability
-Providing subject matter expertise to projects and operational teams, proposing designs and solutions that strengthen Countrywides defences
-Tier 3 investigations (for analysis of events, Basic malware analysis, IR)
- 1 - 3 years in the IT Security function of a regulated organisation
- 2+ years of experience handling IT Security incidents and Security threat management
- Relevant Security qualifications
- Demonstrable evidence of contributing Security subject matter expertise to projects and Operations teams
- 2+ years of experience using 3 rd parties to successfully resolve incidents and overseeing an MSSP
- Excellent written and verbal communication skills. Able to translate technical language into clear, accurate terminology that non-technical people understand
- Resilient, adaptable and looks for opportunities to contribute
- Demonstrable experience in developing and maintaining strong relationships with internal and external stakeholders
Must be a self-starter, proactive, highly organised and demonstrate willingness to take ownership of actions, seeing them through to completion through self and others as appropriate
- You must be willing to travel within the UK and stay away from home on occasion
- You must be willing to occasionally work unsociable hours.