CIRT Global SOC Lead

  • Location:

    Glasgow, Scotland

  • Sector:

    IT Security

  • Contact:

    Gail Maguire

  • Job Published:

    10 months ago

CIRT Global SOC Lead - Glasgow

My client is a highly dynamic and globally successful Investment Bank.

They currently have an opportunity for a CIRT Global SOC Lead to join their team in Glasgow.
This role will lead, develop, and run the firm's global Security Operations Center (SOC) within the Cyber Incident Response Team (MSCIRT) function.

The global MSCIRT SOC is a 24/7 operation with members in key geographical locations, performing security incident response triage, remediation and escalation. The SOC team consists of analytical and response specialists working 24/7 on events triggered from the firm's array of security products, plus the handling of alerts from external parties. They work closely with the MSCIRT Security Analysis team, developing processes to ensure the firm has rapid response capability to cyber incidents. The MSCIRT SOC will be expanding its operations over the next 12 months to include monitoring of the firm's security controls and integration of the insider investigations triage team.

Primary Responsibilities:
- This role will involve setting up, running, and developing the SOC.
- Representative in the SOC and CIRT management team, ensuring that local and global issues are handled accordingly
- Responsible for the day-to-day running of the SOC globally, including interaction with the commercial suppliers and ensuring global cohesion of the SOC function
- Responsible for ensuring the triage and escalation is performed appropriately as well as improving all aspects of detection, containment and resolution of incidents within the SOC
- Maintaining internal relationships with the firm's other front-line services, including personal security and helpdesk services
- Authority on the skill and capability of the SOC function, working with the Security Analysis function to develop skills
- Authority on the compliance work carried out globally for CIRT
- Improve the escalation, containment and resolution of incidents from the SOC
- Maintain knowledge of technologies and the threat landscape.

Required Skills:
- Experience managing within a Security Analysis or Incident Response function (i.e. managing in SOC/CIRT/CSIRT/CERT).
- Understand the totality of a threat across multiple technologies and think like an adversary.
- Excellent writing and presentation skills are required in order to plan and deliver a solid SOC operating model fit for the business.
- Proven track record of development of a team ensuring the appropriate functioning from the contingent workforce
- Experience with investigating common types of attacks; network packet analysis; log analysis and reviewing security events; then applying these to enhance existing incident response methods, tools, and processes
- Maintain knowledge of the state of the art in a broad field of security topics

This is an excellent opportunity for someone with security and leadership skills who wants to build and lead a SOC team.