• FredaJ

Cyber Security Operations Manager Job Description

Job Summary-Cyber Security Operations Manager Job Description

The Cyber Security Operations Manager manages day-to-day customer-facing cyber security operations and protects the organisation's activities. The role holder will adopt cyber security good practice and ensure information security requirements are considered, documented and adopted by the Operations Team in all dealings with customers, third parties and suppliers, as well as maintaining a comprehensive view of the threat landscape and providing comprehensive reporting to senior management.

Main responsibilities-Cyber Security Operations Manager Job Description

The Cyber Security Operations Manager has primary responsibility for leading and managing the Cyber Security Operations Team.

1. Manage the Cyber Operations Team, ensuring adherence to cyber security policies and procedures in all aspects of cyber operations including monitoring, reporting and training.

2. Provide leadership, management and direction in all aspects of managing cyber security events, ensuring they are addressed in a timely manner and are resolved appropriately.

3. Act as a point of escalation for cyber security matters.

4. Initiate the execution of the incident response process to ensure the resolution of incidents, keeping line management appropriately informed.

5. Develop, document, and maintain security procedures and processes.

6. Monitor systems for security gaps and emerging security threats and collaborate with colleagues to design effective solutions when issues are identified.

7. Coordinate reactive and proactive work to reduce the risk and impact of threats.

8. Co-ordinate and perform forensic investigations, maturing the cyber incident detection and response capabilities.

9. Contribute to the design, implementation, operation, and maintenance of the Information Security Management System based on the adopted standards.

10. Have oversight of complex IAM implementations from project inception through to final signoff and day-to-day operations.

11. Ensure continuous improvement of existing security controls and assess new tools/capabilities for recommendation to senior management.

12. Recommend changes to Infrastructure and Cloud services which improve the security posture.

13. Work with risk management peers to ensure control consistency.

14. Provide comprehensive security reporting and updates to management staff.

15. Work to maintain and increase your awareness of cyber security related technologies and threats.

16. Proactively manage the 3rd party SOC to ensure standards and services are maintained.

17. Further the profession, demonstrating and sharing good practice within and outside the organisation.

Knowledge Skills and Responsibilities-Cyber Security Operations Manager Job Description


• A first degree in Electrical Engineering, Computer Science or comparable discipline required; demonstrable job experience can be considered in lieu of a degree.


• Experience of leading a cyber security function

• Extensive technical experience of working in a cyber security operations function.

• Technical knowledge, hands-on experience of configuring security tools.

• Fundamental understanding of computer technologies, how they are networked together, different protocols, operating systems and applications.

• Experience of identifying and investigating technology to understand the security flaws and how to mitigate them.

• Understanding of disruptive trends, and evolution of IAM solutions.

• Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.

• Good working knowledge of cyber security regulations and standards.

• Experience of working with colleagues with responsibility for GDPR and Data Protection.

• Track record of working collaboratively and communicating effectively with a range of technical and non-technical colleagues.

Knowledge and Skills:

Strategic planning (Level 6)

• Sets policies, standards, and guidelines for how the organisation conducts strategy development and planning.

• Leads and manages the creation or review of a strategy that meets the requirements of the business.

• Develops, communicates, implements and reviews the processes which embed strategic management in the operational management of the organisation.

Information systems coordination (Level 6)

• Maintains awareness of the global needs of the organisation.

• Promotes the benefits that a common approach to technology deployment will bring to the business as a whole.

• Coordinates and collaborates with others on the promotion, acquisition, development, and implementation of information systems and services.

Emerging technology monitoring (Level 5)

• Monitors the external environment to gather intelligence on emerging technologies.

• Assesses and documents the impacts, threats and opportunities to the organisation.

• Creates reports and technology roadmaps and shares knowledge and insights with others.

Continuity management (Level 4)

• Applies a structured approach to develop and document the detail for a continuity plan.

• Maintains documentation of business continuity and disaster recovery plans.

• Supports the development of a test plan and implementation of continuity management exercises.

Information security (Level 5)

• Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.

• Contributes to development of information security policy, standards and guidelines.

• Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.

• Investigates major breaches of security, and recommends appropriate control improvements.

• Develops new architectures that mitigate the risks posed by new technologies and business practices.

Vulnerability research (Level 6)

• Plans and leads the organisation’s approach to vulnerability research.

• Identifies new and emerging threats and vulnerabilities. Maintains a strong external network. Takes a leading part in external-facing professional activities to facilitate information gathering and set the scope of research work.

• Engages with, and influences, relevant stakeholders to communicate results of research and the required response.

• Develops organisational policies and guidelines for monitoring emerging threats and


Threat intelligence (Level 6)

• Sets direction, plans and leads the organisation’s approach to threat intelligence, including the use of suppliers.

• Identifies requirements for threat intelligence based on the assets to be protected and the types of intelligence that can help protect those assets.

• Engages with, and influences, relevant stakeholders to communicate results of research and the required response.

• Ensures quality and accuracy of threat intelligence information. Reviews threat intelligence capabilities.

Incident management (Level 5)

• Develops, maintains and tests incident management procedures in agreement with service owners.

• Investigates escalated, non-routine and high-impact incidents to responsible service owners and seeks resolution.

• Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed.

• Analyses causes of incidents, and informs service owners to minimise probability of recurrence, and contributes to service improvement. Analyses metrics and reports on the performance of the incident management process.

Security operations (Level 6)

• Develops policies, standards, processes and guidelines for ensuring the physical and electronic security of automated systems.

• Ensures that the policy and standards for security operations are fit for purpose, current and are correctly implemented.

• Reviews new business proposals and provides specialist advice on security issues and implications.

Vulnerability assessment (Level 5)

• Plans and manages vulnerability assessment activities within the organisation.

• Evaluates, selects and reviews vulnerability assessment tools and techniques.

• Provides expert advice and guidance to support the adoption of agreed approaches.

• Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.

Digital forensics (Level 6)

• Plans and leads the organisation’s approach to digital forensics.

• Sets policies, standards and guidelines for how the organisation conducts digital forensic investigations.

• Leads and manages high risk, large or wide-ranging digital forensics investigations engaging additional specialists if required.

• Authorises the release of formal forensics reports.
