- You have a strong academic background in computer science, information systems or similar discipline with a focus on Security or equivalent proven record of delivery within similar industry roles supported by relevant industry certifications (CISM, CISSP, CRISC or similar)
- An analytical problem solver with demonstrable long-term experience leading and improving operational security functions who enjoys working as part of a team in a rapidly evolving environment.
- Experience of securing large-scale DevOps and Cloud environment(s) is a must, preferably within an international regulated context.
- Highly Proficient in preparation of reports, dashboards, presentations and documentation with excellent communication and leadership skills.
- Partnership across all lines of business and development teams, particularly for incident management, is essential, so you’ll need to be collaborative and good at transparent communications.
- As a rapidly evolving organization, you must also be able to manage change at pace and balance the existing detailed requirements and secure the evidence necessary to meet stringent audit requirements.
- You will be able to react quickly, decisively, calmly and deliberately in high-stress, high-impact situations.
- As a motivated self-starter, you will have a drive to investigate and remediate complex security issue as well as looking to future delivery to protect against emerging threats.
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
- Revise and develop processes and automation to strengthen the current Security Operations framework, drive efficiencies and reduce time to respond.
- Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring.
- Deliver improvements to the internal incident reporting process.
- Responsible for team & vendor management, overall use of resources and initiation of corrective action where required.
- Responsible for managing the completeness and cost of data ingestion into security tooling.
- Creation of reports, dashboards and metrics for operational security and their presentation to senior management.
- Co-ordination with stakeholders, build and maintain positive working relationships with them.
- Develop crisis simulation exercises to meet regulatory requirements and to enhance Planets response capability.
- Build relationships with other relevant organisations and industry bodies to bring in best practice.
- Oversee the scoping, scheduling and preparation of technical testing (Pentesting, Application Testing, VM, etc), managing multiple external suppliers.
- Direct darknet monitoring for threat intelligence to Planet.
- Other related security activities as necessary to support the protection of Planet in line with its business needs.
- Oversight of operational Domain and Certificate management, renewals and creation of consolidated strategy and provider.
- Actively working with technical application and infrastructure teams to ensure correctly deployment and configuration of technical security monitoring toolset and their correct reporting to SIEM / alerting tools.
- Liaison and direction of 3rd party outsourced service providers and resources responsible for security monitoring, alerting, reporting and remedial activities.
About Us