Head of Security Operations

Head of Security Operations

Department: IT Operations

Employment Type: Permanent - Full Time

Location: London

Reporting To: Kirsty Kelly

Description

As Head of Security Operations, you will be responsible for leading the day-to-day operational cybersecurity functions for the Group. You will ensure robust, efficient and globally coordinated security operations that protect the organisation’s people, systems, and data. This includes direct ownership of security controls, security testing, vendor management, vulnerability and threat management, and incident response. 

You will work daily with the Group CISO to support consistent, high-assurance security practices across all regions, in-line with regional regulation and to support the management of cyber incidents. It is essential the individual who will fill this role has prior management experience, has supported building security teams previously and has knowledge around their responsibility at this level to report incidents and security concerns within regulatory timelines and standards.

About the role

Within this role, you will have been supporting the Group CISO by managing the security team and programmes of work in your responsibility area. You will be responsible for the management of any global Cyber Incidents by supporting the CISO team. Additionally, you will be:

• Working collaboratively with the SOC to ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the ever-changing threat landscape. 
• Defining and monitoring KPIs for detection, response, and containment performance.
• Owning and managing key security controls, along with managing the vendors responsible for supporting CFC. 
• Ensuring security controls are deployed, tuned, and monitored effectively across cloud and on-premises assets.
• Leading the organisation’s global vulnerability management program, ensuring threat led and risk-based prioritization, along with collaboration with IT for timely remediation.
• Leading on and refining the incident response playbooks
• Support the Group CISO to define security maturity programme roadmaps, priorities and success metrics. 
• As well as many more SecOps focused tasks.

About you

The ideal candidate will come with demonstrated leadership and ability with the ability to motivate high-performing, globally distributed security teams. Also, you will have:

• Experience with cloud-native security in AWS, Azure, or GCP.
• Proven success scaling security operations across geographies
• Exceptional analytical and decision-making abilities during BAU and incidents. 
• Strong technical ability to understand and manage security tooling, integrations, and data pipelines.

Core Values

Love what you do:
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.

Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.

Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.