Cyber Security Operations Lead

• This role leads a team of Security professionals and Partners that own the day to day safeguarding of customer information and physical assets of the company
• Leading our Security Operations Centre (SOC), and effective management to operationalise the service effectively
• Accountable for Vulnerability / Threat Management and Security Critical Incident Response 
• Establish, monitor, evaluate and report in a professional manner; clearly highlighting the current state of Security Operations and any associated risks
• Responsible for ensuring engagement of key stakeholders and keeping them engaged and up to date with security incidents
• Demonstrate effective Partner and internal team management to identify and drive capability maturity levels
• Accountable for implementing operational controls that will govern the physical security of company assets and any threat to or unauthorised access to company assets including customer and employee information
• Accountable for leading the proactive use of security tooling and partner services in protecting customer, business and employee information.
• Ensures Three UK Security Policies, Standards and contractual requirements are delivered
• Provide support in proactive and effective oversight (and where appropriate challenge) of the technology and security risk management frameworks, methodologies, processes, assurance, remediation and reporting activities across the company.
• Work with technology, Security and business stakeholders to help identify, define and prioritise pragmatic and efficient remediation activities in relation to risk and control issues identified. Where Residual Risk is above appetite, facilitate the Risk acceptance process.

• Effective management of external partners and internal teams to deliver the Cyber Security Operations Centre (SOC) and Physical Security services
• Deliver the Vulnerability Management Programme
• Deliver effective Threat Management (Protective Monitoring) and Security Incident Response and Management 
• Deliver appropriate and focussed Cyber Threat Intelligence (CTI) products
• Deliver an intelligence led Threat Hunting capability
• Develop the cyber threat detection capability (SIEM content)
• Effective documentation of Security Operations functions and processes

• Ability to lead, make decisions, problem solve and work within teams. Can demonstrate flexibility and agility to move between role types within teams.
• Will have clear subject matter experience of their area (both technical and commercial) and ability to connect and work across multiple domains. Can demonstrate knowledge of their area articulated through key operating elements of people, process and technology.
• Ability to contribute to the development of strategies (and/or service strategies) within their area and understand the importance of the customer experience and how this can be affected by service impacts.
• Will be passionate about the use of data and insight to make informed decisions, solve problems and input to operational and strategic plans. Can demonstrate the ability to gather, analyse and present information in business terms for management and leadership consumption.
• Significant experience of managing key 3rd Party Supplier and Partner risk assessments
• Demonstrable experience of delivering against industry standards frameworks, e.g., Telecoms Security Framework, NIST SP800-53, ISO27001, Cyber Essentials Plus, and PCI-DSS
• Industry or academic credentials in security or risk management, e.g., CISM, CISSP  

• The salary range for this role starts at £59,120, the exact salary will differ by job and experience
• A car allowance, a performance based annual bonus & an additional 'flexible allowance' to spend on additional benefits, topping up your pension, or to be added to your salary.
• Hybrid working between your home (2-3 days a week) and our brand new Reading HQ office at Green Park (2-3 days a week)
• 28 days annual leave + 8 bank holidays + 3 personal days annually, which increases with length of service.
• Private Medical Insurance, Life Assurance and Income Protection.
• Free mobile phone package & unlimited sim-card
• Free on-site car parking 
• Plus lots more including wellbeing and learning & development benefits!

Our people make us who we are. We’re a diverse and inclusive bunch, and it’s important you can feel you belong here. We value everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers.

At Three we have a hybrid working arrangement in place as standard for office based employees, where employees work from a mix of office based location and working from their home in the UK to carry on their role.

Excluding retail, core hours at Three are between 10:00 and 16:00, with operating hours between 08:00 & 18:30. This allows employees to have a start time between 08:00 and 10:00 and finish time between 16:00 and 18:30.