For a Multinational Group with Italian Headquarter we are looking for a Security Operations Manager with at least 5 years of experience in Soc relationship and Operational security.
If you are interested in a challenging project please click here to submit your application.
General Description of the Role
The Global IT Security Operations [Lead/Manager/Specialist] is a key role in the Global IT team reporting to the Group IT Senior Director Global Service Delivery, located in Group Corporate headquarter.
The role will be responsible for the management and handling of all security operations across Group, utilizing service partners and a SOC. The focus of the position is: ensuring compliance to security policies and procedures and the appropriate handling of security alerts raised by the SOC.
Coordinate in partnership with an external outsourcing provider and SOC, security operations activities across all IT environments within Company. This includes all the activities related to the maintenance of key security parameters and configurations as well as the handling of security alerts raised by SOC and triaged / resolved by Campari service providers.
Partnering with external outsourcing providers the role is accountable for ensuring group security policy and procedures are applied and adhered to for all environments including project implementations transitioning into run services.
The vendor management of the SOC, ensuring adherence to SLA's, whilst improving the overall tracking and reporting of security KPIs (MTTD/MTTA/MTTI/etc.) in order to continually drive service improvement and optimization across all aspects of incident response.
Key Responsibilities and Activities
- Governance of the security incident activities as per process and delivered by the relevant vendors. This includes monitoring of activities and adherence to SLAs as well as escalation in the event of major security alerts.
- Supports on configuration, change management and platform maintenance of security products (like security email gateway, security proxy, emergency detect and response, security information and event management, etc.) and solutions for network architecture, systems and Corporate assets
- Monitors, evaluates, and maintains systems and procedures to safeguard internal information systems, network, databases, and web-based security;
- Carries out technical vulnerability assessments of IT systems to identify potential vulnerabilities and manages remediation action plans to control identified risks;
- Reviews security solutions, recommendations, and risk documentations to minimize risk of implementation of recommended products, applications and infrastructure;
- Follows security trends, threats and counter-measures;
Internal: Global Service Delivery Director; Global Service Delivery Tower Leads; Regional Service Managers; Enterprise Architecture & Technology Director; Enterprise Architecture & Technology - Security Manager; COE team; Regional IT Directors and Country Managers
External: Technology and service providers
Experience & Education
- Minimum 5 years of proven experience in IT in a multinational company with an IT outsourcing model or in an IT Consultancy firm focused on technology services. A past experience in FMCG company is a plus.
- Fluent Italian and English, any other European language is an advantage;
- Degree in computer science, engineering or equivalent is preferred;
- 3-5 years' experience- in IT security disciplines: security operations, network monitoring or analysis- ideally in consultancy or in medium\large size companies;
- Knowledge of and experience with Azure cloud services and security best practices and principles;
- Knowledge of and experience with web proxy, firewalls (CheckPoint), intrusion prevention/detection systems, mail content scanning appliances, next-generation enterprise Anti-Virus solutions (Microsoft ATP / SentinelOne), and domain name servers desired;
- Proven experience working with 3rd party SOC's, incident response platforms and SIEM's
- Experience in Windows or Unix Administration and Network fundamentals;
- Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management;
- Any security product certification on network or system security will be an advantage (e.g. firewall, email security, etc.);
- Excellent communication skills, versatility, flexibility and ability to work under pressure;
Required Skills & Traits
- Experience in establishing and managing security operations activities in enterprise scale operations and multi-vendor environments
- Have an excellent understanding of all the key elements and processes relating to IT security management
- Excellent analytical, strategic conceptual thinking, strategic planning and execution skills
- Have excellent communication skills at all levels with the ability to convey complex information
- Familiarity with cross cultural issues
- Interpersonal skills and very good team working
Availability to travel internationally for short periods