Security Operations Manager - United Kingdom of Great Britain and Northern Ireland - 25390 - Maximus

General information

Job Posting Title

Security Operations Manager

Date

Wednesday, January 22, 2025

City

Remote

Country

United Kingdom

Working time

Full-time

Closing Date

29-Jan-2025

Description & Requirements

Be part of something great

Maximus is a global organisation that specialises in providing health and employment services to millions of people every year. Here in the UK we employ around 5,000 people across the country to deliver services that have a profound impact on people’s lives. From assessments and health services to employability programmes and specialist support, we do work that matters with people who care.

Role Summary

• To shape the future of our Security Ops and establish and execute a comprehensive strategy that identifies, prevents, detects, and responds to an ever changing threat landscape aligned to Maximus Security policies and standards

• To keep the Maximus UK Technology environment secure and functioning correctly and providing support, advice, guidance around Information Security Technology assets.

• Work With Maximus UK technology colleagues, ISO global team, Maximus UK DPO team, contract operations and external clients to support driving towards and implementing Maximus policies and standards as aligned with industry best practice

• Develop new ways to improve the operational environment including automation and RPA, to enhance the security of the services offered by Technology to the Maximus UK business.

• Ownership of all aspects of technical IT security operations in Maximus UK, ensure that all practices and policies are in place and adhered to daily. To ensure all Technology actions required to support required audit certifications (including CE+, SOX, ISO27001) are acquired, maintained or retired as directed by business leadership

• Design for resilience. Ensure issues only happen once. Design, implement, and continuously improve security incident management processes, procedures, and workflows to minimize the impact of security incidents on the business and its customers.

Essential Duties & Responsibilities

Produce designs, patterns, guidelines and processes, then implementation and operation of Maximus mandatory security solutions. Own and drive security by design for new technology solutions/services, including representing security operations at CAB
Routinely (daily, weekly, monthly) scan and audit internal systems and platforms for vulnerabilities to identify risks and issues and ensure these are recorded, remediated, then published to the relevant stakeholders. Any risks are to be recorded and mitigated or accepted on the technology risk register. All Security Pen test remediations are completed within required policy timeframes
Mentoring and leadership of other engineers and drive a culture of continual IT Security improvement in response to a changing threat landscape. Run IT Security awareness sessions/ Workshops and provide IT Security hints and tips to Technology colleagues and support ISO in any targeted security education campaigns. Stay up to date with cloud industry trends, emerging technologies, and best practices to make recommendations for continuous improvement
Drive continual improvement within the Technology Security space using automation and process improvement where-ever possible
Monitor and investigate IT Security logs and events as captured by automated tools and remediate as required resulting in improved services and reduced unplanned outages
Lead for Security Operations team and facilitate across the wider Technology team in the preparation and assistance for Maximus UK compliance Audit (e.g. CE+, ISO27001, SOX etc) ensuring continued compliance with Best Practises and Maximus Security policies and standards
Assist in the auditing and compliance checks of the company suppliers to ensure adherence to defined best practises

Salary Range:

Non-London - £69,000 - £74,000

London - £76,000 - £81,000

Qualifications & Experience

• Degree level or equivalent in Information Technology, Computer Science, or related field of study OR an equivalent combination of education and experience sufficient to successfully perform the essential functions of the job.

• Deep knowledge of security patterns and Microsoft Azure Security blueprints

• Expert knowledge in Cloud security tools, products, processes and procedures and deployment methods

• Experience building &/or managing live production systems/platforms

• 5 or more years of experience working with Security products and services

• Deep knowledge of NIST Library (NIST800-53) and ISO 27000 series or similar (ISO27001), SOX, SOC2 ideal

• CREST and CISSP certified

• Good knowledge of ITIL and how it can be applied to Information Security

• Understanding of continuous integration and delivery

• Demonstrable experience of managing operations to high service standards through technology suppliers / 3rd parties.

• Knowledge of DevOps and Agile delivery methods

Individual Competencies

• Proactive, methodical, and thorough approach to operations management

• Ability to communicate in both written and oral forms, to technical and non-technical audiences at all levels of the organisation

• Ability to work independently to objectives and manage multiple high priority initiatives in parallel.

• Customer and user focussed, with the ability to understand and manage stakeholder goals and priorities across Business Divisions

• Flexible and pragmatic attitude, with the ability to work effectively in a fast paced environment.

• Mentoring and supporting attitude

• Embrace new technologies and new processes with enthusiasm

• Experience of Line Management of operational staff

EEO Statement

Maximus is committed to developing, maintaining and supporting a culture of diversity, equity and inclusion throughout the recruitment process. We know that feeling included has a dramatic impact on personal well-being and are working to ensure that no job applicant receives less favourable treatment due to any personal characteristic. Advertisements for posts will include sufficiently clear and accurate information to enable potential applicants to assess their own suitability for the post.

We are a Disability Confident Leader, thanks to our commitment to the recruitment, retention and career development of people with disabilities and long-term conditions. The Disability Confident scheme includes a guaranteed interview for any applicant with a disability who meets the minimum requirements for a job. When you complete your job application you will find a question asking you if you would like to apply under the Disability Confident Guaranteed Interview Scheme. If you feel that you have a disability and apply under this scheme, providing that you meet the essential criteria for the job, you will then be invited for an interview. Your Guaranteed Interview application will only be shared with the hiring manager and the local resourcing team. Where reasonable, Maximus will review and consider adjustments for those applicants who express a requirement for them during the recruitment process.