Head of Cyber Defence

at Our Future Health

London, England, United Kingdom

Start Date: Immediate
Expiry Date: 19 Jan, 2025
Salary: GBP 95000 Annual
Posted On: 19 Oct, 2024
Experience: N/A
Skills: Vulnerability, ISO, Security Controls, CISA, DLP, CISSP
Telecommute: No
Sponsor Visa: No

Description:

We’re hiring a Head of Cyber Defence to join our Security Team where you’ll deputise for the Director of Information Security. This is an exciting opportunity for an experienced Security professional to take ownership of existing projects, the day-to-day team management and make key decisions for the Security Team.
If you’re looking for a chance to work on a wide range of challenges, get satisfaction from continuous improvement, nurture a growing team culture and lead with experience then we’d like to hear from you.
Our Future Health will be the UK’s largest-ever health research programme, bringing people together to develop new ways to detect, prevent and treat diseases. We are a charity, supported by the UK Government, in partnership with charities and industry. We work closely with the NHS and with public authorities across all nations and regions of the UK.
Our plan is to bring together 5 million volunteers from right across the UK who will be asked to contribute information to help build one of the most detailed pictures we have ever had of people’s health. Researchers will be able to use this information to make new discoveries about human health and diseases, so future generations can live in good health for longer.
In this role, you will be one of the most senior members of our rapidly growing security team, responsible for ensuring the smooth running of our day-to-day security operations and ‘business as usual’ security processes.

What you’ll be doing:

  • Acting as a key deputy for the Director of Information Security, including supporting with various security leadership activities (e.g. defining a security strategy)
  • Owning the BAU and operational work within the security team, including both the delivery of the team’s core capabilities (e.g. Identity and Access Management, Security Monitoring and Incident Response) and the operation of various security processes (e.g. third-party security management, security risk management, security assurance)
  • Overseeing the Secure Operations of the organisation’s cloud-native production and corporate platforms (currently Azure)
  • Driving continuous improvement, including managing and helping prioritise a backlog of continuous improvement tasks and maturing the team’s operational documentation
  • Leading oversight and management of the MSSP Security Operations Centre (SOC)
  • Act as the primary security contact for security incident response, working alongside the SOC, our in-house incident commanders and specialist resolver groups as required
  • Line manage several individuals, with various specialties, within the security team. These individuals range from security engineers building and maintaining security services (e.g. IAM, DLP, etc.) through threat analysts performing threat hunting and monitoring Cyber Threat Intelligence (CTI) to our Security Risk and Assurance Manager.
  • Establish a dedicated threat team to focus on Threat Hunting, Cyber Threat Intelligence and support Threat Modelling and Security Risk Management.
  • Support, including coaching and mentoring, all members of the security team with their various responsibilities, including achieving and maintaining ISO 27001 certification.

REQUIREMENTS

Though we don’t expect you to have experience of each point, experience managing teams and handling security incidents are going to be essential for this position.

  • Demonstrated experience in managing and developing high-performing security teams whilst fostering a collaborative, people-first environment
  • Experience with security incident response methodologies and demonstrable experience of handling security incidents
  • Experience with the Microsoft Sentinel SIEM/SOAR platform, including KQL
  • Ideally experience with the Microsoft Defender suite, Microsoft Entra and Microsoft Purview
  • Strong understanding of threat intelligence principles and practices
  • Strong understanding of security risk management
  • Strong understanding of common security controls, including (but not limited to) DLP, IAM and vulnerability management
  • Knowledge of ISO 27001 and other commonly used security standards
  • Understanding of modern cloud technologies
  • Exposure to Agile working
  • Ability to translate between technical and non-technical teams
  • Desire to be part of a small fast-paced team
  • Relevant certifications, such as: ISO 27001 Lead Auditor/Implementor, CISM, CISA, CISSP, Microsoft certifications (MS-500, AZ-500, AZ-700, SC-200, SC-300), CompTIA Security+ and Cloud+, Cloud Security Alliance CCSK, ISC2 CCSP


REQUIREMENT SUMMARY

Min: N/A, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Software Engineering

Graduate

Proficient

1

London, United Kingdom