Information Security Operations Manager

Ocado Technology are putting the world's grocery retailers online using the cloud, robotics, AI, and IoT. We provide services to partner clients globally via our innovative advanced robotics technology, known as the Ocado Smart Platform ("OSP"), this drives our highly automated, multi-million pound Customer Fulfilment Centres (CFCs). In our CFCs - together with the proprietary software applications - we operate a world-class online grocery business that automates the single pick of products, ready for your online delivery.

Of course, achieving this is no mean feat, and whilst we have ambitious strategies to grow our business, we need to match this in our capabilities to ensure the ongoing security of our sensitive data, our people, our customers, and our assets. That's where Ocado's innovative Information Security team comes into play…

Who is Infosec?

We are a diverse team with disparate skills and experience but with a common passion for all aspects of information security. We are responsible for information security across the whole organisation and work closely with Ocado's Technology division to ensure that security is an integral part of our systems and services. As well as dealing with security alerts and incidents, we select and manage our security systems, carry out security assessments of new technologies, manage security compliance programs and provide security advice and education to all areas of the business.

About the role:

We have an exciting opportunity for an Information Security operations manager to join our Security Operations Team. The security operations manager plays a critical role in ensuring the day-to-day running of the team, who in turn help our business secure its systems and infrastructure.

This is a highly motivated and passionate team with broad experiences, who are happy to mentor and be mentored! The team's goal is to minimise the impact of cybersecurity incidents, provide practical guidance for the response, coordinate recovery activities, and work to prevent future incidents from reoccurring.

As the Security Operations Manager, your primary role encompasses overseeing the SecOps team, managing the operational systems utilised for investigating security alerts, and orchestrating responses to security incidents. Additionally, you'll actively guide team members in their daily duties, ensuring they are equipped with the essential skills, tools, and knowledge required for task execution, while also facilitating ongoing skill enhancement.

If you possess excellent organisational and analytical skills, and a passion for developing your career within Information Security, this is a great opportunity for you!

What We'd Like You To Do

• Manage the infosec operations team and prioritise their activities.
• Ensure that operational processes are defined, documented and maintained.
• Ensure that the security systems used by the security operations team are supported and maintained.
• Run the vulnerability management and penetration test programs.
• Develop and implement a roadmap to further extend the scope and capability of the SecOps function.
• Develop KPIs for the SecOps team and measure performance against these KPIs.
• Ensure that the SecOps team have the necessary tools to identify security incidents and carry out further investigations.
• Stay abreast of changes in the threat landscape and also latest security technologies and mitigations.
• Manage the relationship with security service partners.

About You:

• 2+ years experience in a leadership role in a SOC or similar environment.
• Strong technical background covering operating systems and networks.
• Detailed knowledge of network concepts and security protection methods and systems.
• Knowledge of common security vulnerabilities and the technical knowledge to assess their severity and impact.
• Good understanding of the security community, toolsets and knowledge sources.
• Proactive approach, able to work on multiple parallel activities in a fast-paced environment and adapt quickly to changing priorities.
• Team building skills; able to coach and develop team members.
• Excellent verbal and written communication skills.
• Strong interpersonal skills; able to build relationships across multiple teams in all divisions.

This would make you stand out from the crowd:

• Prior experience within a similar Information Security role would be desirable.
• Experience of managing or engaging with MSSPs.
• 5+ years experience in an information security role.
• Security qualified (or working towards), CISSP or other relevant qualification.
• Experience with implementing and managing enterprise scale security tools and services.
• Experience with public cloud security best practices.

What we offer you:

Our employee benefits are designed for you, we care about people and we've ensured we have a wealth of benefits that focus on your well-being. We regularly review our benefits to ensure we are supporting our employees appropriately. Currently, we offer technically stretching work, a competitive salary and;

• Hybrid working patterns meaning part of the working week can be spent working remotely (typically 3 days per week). However, your working pattern will depend upon your role/team).
• 30 days ‘working from anywhere' policy.
• Wellbeing support through Apps such as Unmind and an Employee Assistance Programme.
• 25 days annual leave, rising to 27 days after 5 years service (plus optional holiday purchase).
• Pension scheme (various options available including employer contribution matching up to 7%).
• Private Medical Insurance.
• 22 weeks paid maternity leave and 6 weeks paid paternity leave (once relevant service requirements complete) .
• Train Ticket loan (interest-free).
• Cycle to Work Scheme.
• Free shuttle bus to and from Hatfield Train Station to the Hatfield offices.
• Free shuttle bus to and from Welwyn Garden City Train Station to the Welwyn Garden City offices.
• Opportunity to participate in Sharesave and Buy as You Earn share schemes.
• 15% discount on Ocado.com and free delivery for all employees.
• Income Protection (can be up to 50% of salary for 3 years) and Life Assurance (3 x annual salary).