VSOC Remediation Manager

Job description:

WHAT TO EXPECT

Be part of a cutting-edge Security Operations tailored to address cyber security concerns of vehicles the manufacturing of vehicles and the supporting business functions of Information Technology (VSOC). The VSOC Remediation Manager is accountable for supporting remediation efforts and thematic data analysis and reporting within the organization. The manager will support a near time risk and impact determination of cyber threats to the company business providing outputs into senior business stakeholders to enable consultation into the decision making of remediation and future security controls and security architecture strategy. He will engage remediation teams to ensure that remediation efforts are documented and completed in a timely manner through coordination with internal teams. They will manage relationships with stakeholders, both within and outside Cyber, to deliver on the common goal of protecting the organization.

Key Responsibilities and Accountabilities

In this role you will work with the Global Head of Cyber Security Operations and the CISO to ensure the business function of the VSOC is fit for purpose and that the strategy and alignment of future requirements are identified to maintain a mature. You will also interface with the SOC/VSOC service management teams to ensure feedback on performance of the overall business cyber risk is communicated.
You'll be liaising with the SOC team to ensure triaged cyber security concerns are fit for purpose and support the identification of threats so that VSOC Remediation Manager can review the residual risk and impact to the business and suggest tactical and strategic actions to minimise the risk to a measurably acceptable level.
To be successful in the role you will need to work closely with system owners and security architecture teams to ensure that current architecture and security control alignment are documented and up to date to enable an expedient residual risk determination. With the Governance Risk and Compliance team to ensure the VSOC is synchronised with enterprise information risk as well as the Incident Management team to input SME knowledge to support incident response requirements.
Lastly, you will be maintaining process and procedural documentation to support the VSOC and consult on Cyber Security Threats and Risk while producing metrics to measure Cyber Security Threat and Risk as well as security architecture and system architecture drawings.
Produce white papers on key findings an initiative to enable the consultancy of improvement to cyber security controls

WHAT YOU'LL NEED
Knowledge, Skills and Experience

Essential:
* Knowledge of Threat Modelling frameworks PASTA, STRIDE others.
* Knowledge of Risk frameworks such as FAIR, 27004, 27001, 27001
* Knowledge of Architecture frameworks Togaf, Sabsa
* Familiar with information security frameworks such as, COBITv5, ITIL, SANS Top 20 CSC, OWASP, CyberEssentials or other similar frameworks.
* Knowledge or exposure to Cloud technologies, such as IaaS, SaaS & PaaS deployments
* Relevant degree or equivalent experience preferred
* Understanding of Operational Technology and the challenges involved in securing It
* Understanding of network designs with a view to protecting plant floor networks

Desirable:
* IT security certifications such as CISSP, SANS, ISO, ITIL, TOGAF
* Experience in manufacturing Industries
* Experience in IoT technologies & connected car
* Understands Cloud infrastructures AWS, GCP, Azure

We offer:

SO WHY US?

Bring all this to the home of premium innovation, and you'll find the opportunities to further your career with a world-class team, a discounted car purchase and lease scheme for you and your family, membership of a competitive pension plan, private medical cover and performance related bonus scheme. As a manager, you'll also be able to select one of our luxury premium vehicles to lease at a fraction of the cost. All this and more makes Jaguar Land Rover the perfect place to continue your journey.

This role may offer the opportunity for hybrid working where you can split your time between working from home and in the office. At Jaguar Land Rover, hybrid working is a voluntary, non-contractual arrangement providing employees with more choice and flexibility around how, when and where they work, if suitable for their role. Further details can be discussed with the Hiring Manager at interview stage.

Please be aware that we may close this vacancy for applications before the stated deadline if we receive a high volume of interest. We strongly advise you to submit your application as early as possible.

Jaguar Land Rover is committed to equal opportunity for all.