Infosec Operations Manager
Job Title: Information Security Operations Manager
Department: Information Security and Risk
Normal location: Kings Place
Responsible to (Job title): Head of Information Security
Main purpose of job:
- Manage security incidents
- Investigate security alerts
- Analyse security intelligence feeds and manage responses
- Drive the tuning of alert feeds and improvement in malware signature effectiveness
Main duties and responsibilities:
The role will be responsible for analysing information security alerts, events and intelligence feeds; evaluating the effectiveness of our mitigating controls; and working collaboratively with tech and business teams to implement improvement action plans. Should a breach occur, the role holder will be involved in the investigation and analysis of that breach.
The following highlights some important responsibilities carried out by the Information Security Operations Manager.
- Maintain and update the Information Security Operations manual
- Respond to and investigate suspected Information Security incidents or breaches
- Respond to Data Loss Prevention alerts and work with our vendor to continuously improve the effectiveness of those incumbent alerts
- Investigate and respond to Host Intrusion Detection alerts
- Review and approve Firewall Rule change requests
- Continuously review anti-virus protection coverage and currency reports and resolve discrepancies
- Continuously review anti-spam effectiveness and tune rules appropriately
- Continuously review website reputation reports and investigate anomalies and requests for whitelisting
- Continuously review Google security reports and act on anomalies
- Evaluate security vulnerability feeds and work with tech teams to mitigate alerts.
- Review vulnerability scan reports and work with tech teams to resolve findings.
- GPG Crypto key management and troubleshooting
- Collaborate with Third Party penetration testers and Cyber Intelligence partners to evaluate our cyber security and implement effective control measures/bug fixes.
- Maintain Amazon Web Services hosted security tools
This job description is a guide to the work you will be initially required to undertake. It may be changed from time to time to meet changing circumstances. It does not form part of your contract of employment and as your experience grows you will be expected to broaden your tasks, suggest improvements, solve problems and enhance the effectiveness of the role.
THIS FORM SUMMARISES THE MAIN ASPECTS OF THE JOB BUT DOES NOT COVER ALL THE DUTIES THAT THE JOB HOLDER MAY HAVE TO PERFORM.
Diversity and Inclusion:
We value and respect all differences in all people (seen and unseen) at the Guardian. We aspire to inclusive working experiences and an environment that reflects the audience we serve, where our people have equal access to career development opportunities, their voices are heard and can contribute to our future.