Job Title: Endpoint Protection Service Manager
Duration: 6 months
- Define, determine and report KPIs for service optimisation in the areas of endpoint security
- Provide Monthly KPI Reports to the Head of IT Security
- Schedule and assist in rollout planning and testing of future Endpoint Protection upgrades
- Analyse the causes of escalated incidents, problems and changes and propose steps to improve
- Monitor the Endpoint Protection service queue for incidents and change requests, and ensure changes are implemented within the agreed SLA following strict internal change control processes
- Proactive improvement of stability and usability
- Work closely with the Third Party Provider to ensure the day-to-day operations are being delivered to a high quality and within SLAs
- Ensure all changes to the platform are assessed from a risk perspective, including any proposed security policy changes and exception requests, e.g. Application Safelisting, periodic endpoint policy configuration changes
- Create Reports and Dashboards
- Review security alerts, action as appropriate and initiate escalations to other teams, including Incident Response Team as and when necessary
- Contribute to knowledge documents and incident response playbooks outlining processes, support procedures and workflows
- Review, manage and provide security approvals for firewall requests
- Other duties as and when required
IT INFRA is responsible for providing IT Services to every company within the Group (up to 20,000 users).
IT INFRA consists of the following functional areas:
- Data Centre & Cloud
- End User Computing
- IT Security
- Networking and Unified Communications
- Service Management
The client's Supply & Trading is seeking an enthusiastic and motivated individual to work as an Incident Response Manager within the IT Security Operations team.
This role sits within the IT Security Operations team, which is responsible for Operational Security, and reports into the IT Security Operations Team Lead. The Endpoint Protection Service Manager will assist on a temporary basis, manage the third party that performs the day-to-day operations, and ensure that the service runs smoothly in accordance with the defined SLAs and KPIs.
- A high level of understanding of cyber security principles, practices and tools
- A broad understanding of the cyber security threat landscape.
- Good understanding of KPIs and reporting
- Experience of managing a third party
- Experience in dealing with cyber incidents
- Proven experience in Endpoint Protection and EDR
- Previous service management experience is not essential but an advantage
- Working knowledge of an Endpoint Protection architecture
- Good understanding of the MITRE ATT&CK Framework
- Understanding of security governance, risk and compliance
- Understanding and familiarity with cloud security and concepts
- Ability to create documentation
- Ability to resolve problems independently and understand the escalation procedure
- Knowledge and experience with Windows, Unix/Linux operating systems
- Good understanding of Firewalls and Network Security
- Understanding of network protocols
- Excellent written and verbal communication
- Strong verbal presentation and writing skills, including the demonstrated ability to write clear and concise text.
- Excellent analytical abilities and a strong ability to think creatively when approaching issues
- Experience managing complex stakeholder relationships
- Confident in working with a diverse set of stakeholders in the organisation, from technical through to senior management level.
- Strong report writing and communication skills
- Strong Interpersonal Skills
- Excellent team working capabilities
- Flexible and adaptable to change
- Able to work well under pressure
- Ability to maintain composure under pressure
- Ability to handle multiple competing priorities in a fast-paced environment and progress high-priority tasks to a resolution
- Bachelor's or Master's degree in computer science, computer engineering, digital forensics or cyber security
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP)
Previous experience of working in the Energy, Financial or Banking Sector is an advantage but not essential
If this role is of interest to you, please submit your CV in the first instance.