Principal Cyber Operations SME
Recruiter
JLR
Listed on
19th May 2022
Location
Manchester
Type
Permanent
Start Date
2022-05-19
This job has now expired please search on the home page to find live IT Jobs.
A leading premium automotive business and leading to move towards electric autonomous vehicles.THE OPPORTUNITY
Jaguar Land Rover is leading the way with initiatives to improve the customer experience through the use of vehicle data to manage, update and improve the car.
Within the Vehicle Connected Data Platform (VCDP) team, we build, maintain and operate systems and applications that allow our vehicles to operate in the connected world. In support of this, we are looking for a Principal Cyber Operations SME to build out the capability for proactive detection of cyber vulnerabilities in conjunction with leading the strategy around VCDPs response to active cyber incidents of our cloud-based infrastructure and services in support of upcoming regulation changes in the automotive sector.
The Principal Cyber Operations SME will own, build and implement the teams strategy for running internal and external security incident and vulnerability management functions. You will be required to deliver operational support as well as new best in class technical solutions under project governance whilst leading and developing a team.
Fundamentally this will be a collaborative role heavily integrated with the JLR Vehicle Security Operations Centre to share knowledge, skills, experience and resources for this critical and exciting new capability with touchpoints across the entire offboard cyber technical discipline.
WHAT TO EXPECT
Key Accountabilities and Responsibilities
Work with the offboard cyber technical discipline head to derive and execute the future vision and execution plan for vulnerability and incident management.
Plan, direct and control the incident and vulnerability management functions and operations.
Ensure the monitoring and analysis of incidents to protect VCDP platforms, addressing all security incidents and ensuring timely escalation.
Coordinate and cooperate with externally sourced security service providers including the JLR Vehicle SOC who will be a strategic partner in this role.
Direct security event monitoring, management and response and cyber threat.
Identify, procure and implement all relevant tooling across both vulnerability management and incident response, aligning with corporate tooling where appropriate and identifying areas for consolidation and efficiency.
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring in accordance with defined SLAs.
Define and implement the policy, process, and procedures for vulnerability and incident management in line with ISO 27001.
Ensure daily management, administration and maintenance of security devices to achieve operational effectiveness.
Creation of reports, dashboards, metrics for VSOC operations, operational development teams and senior management.
Drive thorough Incident Investigations to ensure that Root Cause Analysis & Lessons Learned are conducted, documented and implemented as well as speedy but safe Return to Operation controls are implemented.
Refine and continually improve the Application Security (AppSec) Pipeline security vulnerability testing capability ensuring that the people, processes and technologies needed for a world class DevSecOps capability are in place.
WHAT YOU'LL NEED
We're looking for Principal Cyber Operations SME with strong stakeholder management and leadership skills, who will build and implement the teams strategy for running internal and external security incident and vulnerability management functions.
We are keen to speak to people who have the following skills and expertise:
Previous experience working within and leading a SOC function at scale at a senior level.
Excellent understanding & experience of management of Cyber Information Security Incidents, Risk & Vulnerabilities.
Proven experience in Security Incident Handling, Vulnerability Management and Threat Hunting.
Experience of application security tools covering SAST, DAST, SCA and runtime implementations including triage and assessment of active vulnerabilities.
Experience of working within an agile delivery environment and experience of DevOps techniques and practices.
Qualifications in Security Management such as CISSP / CISM or other Security qualifications.
An end-to-end understanding of NIST, MITRE attack framework and the 7 stage Cyber kill Chain
Strong IT skills, able to analyse data for reporting purposes and follow work instruction.
Have a keen eye for small details as well as a delivery focused mentality.
Background and previous experience of cloud-based technologies such as AWS and GCP would be a plus,
Jaguar Land Rover is leading the way with initiatives to improve the customer experience through the use of vehicle data to manage, update and improve the car.
Within the Vehicle Connected Data Platform (VCDP) team, we build, maintain and operate systems and applications that allow our vehicles to operate in the connected world. In support of this, we are looking for a Principal Cyber Operations SME to build out the capability for proactive detection of cyber vulnerabilities in conjunction with leading the strategy around VCDPs response to active cyber incidents of our cloud-based infrastructure and services in support of upcoming regulation changes in the automotive sector.
The Principal Cyber Operations SME will own, build and implement the teams strategy for running internal and external security incident and vulnerability management functions. You will be required to deliver operational support as well as new best in class technical solutions under project governance whilst leading and developing a team.
Fundamentally this will be a collaborative role heavily integrated with the JLR Vehicle Security Operations Centre to share knowledge, skills, experience and resources for this critical and exciting new capability with touchpoints across the entire offboard cyber technical discipline.
