Security Operations Lead
London, England, United Kingdom
Motorway
The more money way to sell your car. 5,000+ dealers compete to give you their best price. It's fast, easy and 100% free.Motorway is the UK’s fastest-growing used car marketplace – our award winning, online-only platform connects private car sellers with thousands of verified dealers nationwide, ensuring everyone gets the best deal. Founded in 2017, our technology-led approach has redefined the experience of selling a car, generating thousands of monthly car sales and helping us to grow to a team of over 250 across 4 locations.
Motorway is now valued at over $1 billion and is backed by some of the world’s leading technology investors, having raised £143 million in Series C funding. This is a unique opportunity to join a fast-growing scale-up at a crucial phase of growth and help change an industry for the better.
We’re looking for an experienced Security Operations & CSIRT Lead to assist the Head of Payment, Infosec, Risk & Compliance in the development, enhancement and execution of our Payment cybersecurity function and ensuring our B2B2C payments capability across our marketplace platform is robust and mature. This is a critical part of the customer experience and business operation.This role will work closely with the Payment Operations and Fraud Teams and will collaborate with other business technical and non-technical teams. This role would require travel to Brighton once a week (1hr from London Bridge).
The role will involve:
- Leading cybersecurity incident response, covering incident handling and coordination, in-depth technical analysis and engagement through to recovery
- Performing post-incident reporting, including root cause analysis and lessons learned
- Expanding and maturing security operations and cybersecurity incident response capabilities (including assessment, implementation and configuration of security toolsets)
- Managing the day-to-day security monitoring of networks and systems for indications of intrusion or malicious activity
- Conducting threat hunting across a range of security solutions and tooling (e.g. SIEM, WAF, IDS/IPS, endpoint protection)
- Management reporting (including security metrics)
- Leading and supporting digital forensics investigations (including liaison with third-party forensics)
- Production and maintenance of relevant documentation (e.g., cybersecurity response plan, playbooks, documented operating procedures, education and training material)
Requirements
- Strong knowledge of the information security threat landscape, including malware and network attack vectors
- Strong technical knowledge of AWS and GCP administration, security tooling and cloud security operations and incident response
- Technical knowledge of best practice security for networks, systems, web applications, APIs and databases
- Strong knowledge of common security tools such as SIEM, endpoint protection, scanners, proxies, WAF, IDS/IPS
- Good knowledge of security standards and frameworks (e.g. ISO27001, PCI DSS, MITRE ATT@CK, NIST CSF)
- Systems forensics and investigation skills (MACOS and Windows internals)
- Demonstrable experience of working in a security operations centre and enterprise-level CSIRT
- Relevant security certifications (e.g. GSEC, GCED, GCIA, GDSA, GCIH)
- Strong verbal and written communication skills and the ability to communicate clearly to both technical and non-technical audiences
- Good interpersonal and leadership skills
Benefits
- A competitive salary.
- Annual learning budget with access to General Assembly courses, an Audible subscription and hundreds of books and online lessons.
- BUPA health insurance.
- Pension scheme.
- Motorway car leasing scheme - lease a zero-emissions electric vehicle at a significant discount
- Enhanced maternity/paternity leave.
- Top spec M1 MacBook Pro or Windows laptop and accessories.
- Regular social events.
- Cycle to work scheme.
Equal Opportunities Statement
Motorway is committed to equality of opportunity for all employees. We work to provide a supportive and inclusive environment where all individuals can maximise their full potential. We believe our workforce should reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.
We welcome applications from all individuals regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships.
Given the continued spread of COVID-19 (coronavirus), all interviews will be conducted by phone or virtual connection to protect our candidates and employees.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs AWS C Cloud Compliance CSIRT Forensics GCED GCIA GCIH GCP GSEC IDS Incident response IPS ISO 27001 MacOS Malware Monitoring NIST PCI DSS SIEM Windows
Perks/benefits: Career development Competitive pay Gear Health care Insurance Parental leave Team events Travel
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs