SOC Coordinator - Stevenage - £80.00ph Umbrella

We are recruiting for a SOC Coordinator for a leading Defence organisation based in Stevenage. This will be a hybrid role with 3-4 days on site. Due to security requirements this role is UKEO ( UK Eyes Only). Ideally you will have current SC Clearance, if not you must be eligible to obtain it.

Overview of department:

The SOC is undergoing a period of growth and maturity, with a focus on strengthening governance, improving operational resilience, enhancing monitoring capability in accordance with defence specific compliance requirements such as the DCC. The successful applicant will act as the deputy to the SOC Manager and serve as a key operational and governance lead within the team. Whilst SOC Operations contains technical analysts, engineers and security specialists, this role is primarily focussed on leadership, governance, stakeholder engagement and operational effectiveness.

Responsibilities:

Demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains. The successful candidate will help coordinate the day-to-day operation of the SOC whilst ensuring governance activities, audits, working groups, recruitment, onboarding, documentation and security improvement activities continue to progress effectively.

The Cyber Security SOC Coordinator key responsibilities are:

• Coordinate the implementation and maturity of Cyber security capability within DEx UK (Digital Excellence is the IT department)
• Deputise for the SOC Manager as required
• Deliver the SOC Security Working Groups across DEx and effectively track remediation and actions
• Responsible for the effective delivery and resilience of the 24x7 SOC shift rota
• Support the SOC Manager in the recruitment and on boarding process for all SOC resourcing
• Work in close collaboration with the Cyber Security Capability Manager
• Responsible for the responses and support to external requests and auditing of DEx within a cyber security context, such as ISO27001 audits, DCC and CE+ requests, GDPR requests, contractual questionnaires from customer or suppliers
• Coordinate vetting and access requests within the SOC in collaboration with the Cyber Security Capability Manager
• Responsible for attending the DEx CAB and ensuring that cyber security and compliance due diligence has taken place as well as reporting into SOC any impacting changes
• Take responsibility for the implementation of the Group cyber security (SOC)  strategy within DEx UK, ensuring gaps and development areas are given assigned action owners
• To be the official interface of DEx cyber security for UK InfoSec, PCSO, GIMS, Personnel Security and National Cyber Procurement Coordinator
• Responsible for ensuring that DEx projects are informed of ITHC and pentest requirements prior to acceptance into service in line with policies
• Responsible for the coordination of any CHECK test or ITHC scoping activity which may impact the SOC
• Responsible for the creation, review and update of UK SOC documentation and support the delivery of Group policy and frameworks
• To advise and support the SOC and Vulnerability Management teams on flow management policy, incident response plans and playbooks
• Work in collaboration with CSC DEx in other Natcos (International Group Companies - France, Italy, Germany, Spain etc)

Skillset

• Suitable backgrounds may include SOC Leadership, Cyber Security governance and
  assurance, Information Security Management, Defence or National Security Operations. Military Leadership appointments with responsibility for people, operations and governance.
• Knowledge of SOC functions and operating models.
• Knowledge of Vulnerability management principles
• Risk management and risk treatment process
• Audit preparation and evidence gathering
• ISO27001/CE+
• Awareness of Incident response processes.
• Security Policy development and implementation
• Audit preparation and evidence gathering
• Stakeholder management
• Security awareness of modern cyber threats and defensive practices
• JSPs and defence security policies/Defence assurance Frameworks (DCC)

This is an umbrella contract, the role is Inside IR35