Lead Security/Operations Engineer

Help us use technology to make a big green dent in the universe!
Kraken powers some of the most innovative global developments in energy.
We’re a technology company focused on creating a smart, sustainable energy system. From optimising renewable generation, creating a more intelligent grid and enabling utilities to provide excellent customer experiences, our operating system for energy is transforming the industry around the world in a way that benefits everyone.
It’s a really exciting time in energy. Help us make a real impact on shaping a better, more sustainable future. 
Kraken Customer
What we do: build the most AI-driven, innovative, forward-thinking platform for energy management. From optimizing resources to delivering cost-effective, exceptional customer experiences through advanced Customer Information Systems (CIS), billing, meter data management, CRM, and AI-driven communications, Kraken is powering the next wave of innovation in the energy industry.
Why we do it: future energy will not look like energy as we know it today. We need to not just think about our future, but build for it. Now.
We're looking for diligent and thoughtful Security Leads to join and help lead our growing security team.
Specifically, we're looking to fill two roles:- Lead Security Engineer- Lead SecOps Engineer
Each Lead will manage a team of 4-6 Security Engineers or SecOps Engineers. The goal of the teams is to maintain and improve security across Kraken Technologies and the wider Octopus Energy Group.
- What Security Engineering does: a mix of hands-on engineering to help develop internal tooling or to improve the security of our platform and applications, and provide advice and guidance to the rest of the business on security best practices.- What Security Operations does: maintains and continually improves logging, monitoring and alerting systems, as well as maintaining the majority of our security tooling ensuring it is fit for purpose and following best practice.

What you'll do: Team Leadership

• Have ownership of a functional team within the Cyber Security Team, working closely with the Director and Heads of Platform Engineering to define strategic objectives and team direction
• Manage team priorities and ensures initiatives are completed within deadlines
• Collaborate regularly and effectively with the rest of the Cyber Security and Information Security Teams to deliver outcomes
• Lead delivery of major initiatives on clear timelines
• Build a strong culture of open communication where teammates can ask questions without fear, promoting a positive and inclusive team environment.

What you'll do: People Management

• Line-manage a group of Security or SecOps Engineers in the same or similar timezone
• Set clear performance expectations and goals for team members
• Regularly review individual and team performance, offering actionable insights and constructive feedback to support and grow team members

What you'll do: Technical Delivery

• Deliver technical improvements
• Support team delivery for example through code reviews, technology research or architectural guidance
• Provide support for production systems owned by your team
• Support the implementation of security processes and requirements
• Stay abreast of emerging security threats, technologies, and industry trends to continuously enhance the organisation's security strategy

What you’ll have

• Proven experience in a leadership role within Security Engineering or Security Operations
• Strong background in Security Engineering or Security Operations, with a deep understanding of security best practices and standards.
• Excellent communication, with a focus on doing this asynchronously
• Experience of mentoring and coaching a team to perform at a high-level of quality
• Experience of incident management
• Previous experience in either:
• working in engineering teams focused on maintaining and improving security of Cloud Service Providers and applications
• working in security operations teams maintaining and improving:
• security logging, monitoring and alerting including playbooks, indecent response and SIEM/SOAR systems 
• security tooling, such as endpoint security or vulnerability management tooling, in line with best practice

What will help

• Security certifications (any of the famous abbreviations) 
• Certifications from cloud providers’ certification paths
• Security qualifications (e.g. apprenticeships or degrees)
• Strong skills in creating high-quality, comprehensive security documentation
• Familiarity with AWS services and experience in managing cloud security services
• Familiarity with CI/CD tooling and security best practices
• Experience using logging and monitoring tools (whether this was a SIEM system or not) to generate alerts and reports
• Experience working in organisations that maintain ISO 27001 and/or SOC 1 and SOC 2 type II certifications
• Knowledge of the MITRE ATT&CK framework

If this sounds like you then we'd love to hear from you.
Are you ready for a career with us? We want to ensure you have all the tools and environment you need to unleash your potential. Need any specific accommodations? Whether you require specific accommodations or have a unique preference, let us know, and we'll do what we can to customise your interview process for comfort and maximum magic!
Studies have shown that some groups of people, like women, are less likely to apply to a role unless they meet 100% of the job requirements. Whoever you are, if you like one of our jobs, we encourage you to apply as you might just be the candidate we hire. Across Octopus, we're looking for genuinely decent people who are honest and empathetic. Our people are our strongest asset and the unique skills and perspectives people bring to the team are the driving force of our success. As an equal opportunity employer, we do not discriminate on the basis of any protected attribute. Our commitment is to provide equal opportunities, an inclusive work environment, and fairness for everyone.